Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-38732 (GCVE-0-2025-38732)
Vulnerability from cvelistv5
Published
2025-09-05 17:20
Modified
2025-09-29 05:56
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject: don't leak dst refcount for loopback packets
recent patches to add a WARN() when replacing skb dst entry found an
old bug:
WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]
WARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]
WARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234
[..]
Call Trace:
nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325
nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27
expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]
..
This is because blamed commit forgot about loopback packets.
Such packets already have a dst_entry attached, even at PRE_ROUTING stage.
Instead of checking hook just check if the skb already has a route
attached to it.
References
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| ▼ | Linux | Linux |
Version: f53b9b0bdc59c0823679f2e3214e0d538f5951b9 Version: f53b9b0bdc59c0823679f2e3214e0d538f5951b9 Version: f53b9b0bdc59c0823679f2e3214e0d538f5951b9 Version: f53b9b0bdc59c0823679f2e3214e0d538f5951b9 Version: f53b9b0bdc59c0823679f2e3214e0d538f5951b9 Version: f53b9b0bdc59c0823679f2e3214e0d538f5951b9 Version: f53b9b0bdc59c0823679f2e3214e0d538f5951b9 |
||||||
|
|||||||||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/ipv4/netfilter/nf_reject_ipv4.c",
"net/ipv6/netfilter/nf_reject_ipv6.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "7b8b503c06274ef3c6c1a107743f1ec0d0a53ef8",
"status": "affected",
"version": "f53b9b0bdc59c0823679f2e3214e0d538f5951b9",
"versionType": "git"
},
{
"lessThan": "82ef97abf22790182f7d433c74960dfd61b99c33",
"status": "affected",
"version": "f53b9b0bdc59c0823679f2e3214e0d538f5951b9",
"versionType": "git"
},
{
"lessThan": "b7a885ba25960c91db237c3f83b4285156789bce",
"status": "affected",
"version": "f53b9b0bdc59c0823679f2e3214e0d538f5951b9",
"versionType": "git"
},
{
"lessThan": "a0a3ace2a57887dac1e7c9a724846040c3e31868",
"status": "affected",
"version": "f53b9b0bdc59c0823679f2e3214e0d538f5951b9",
"versionType": "git"
},
{
"lessThan": "51e8531371f90bee742c63775c9a568e5d6bf3c5",
"status": "affected",
"version": "f53b9b0bdc59c0823679f2e3214e0d538f5951b9",
"versionType": "git"
},
{
"lessThan": "b32e1590a8d22cf7d7f965e46d5576051acf8e42",
"status": "affected",
"version": "f53b9b0bdc59c0823679f2e3214e0d538f5951b9",
"versionType": "git"
},
{
"lessThan": "91a79b792204313153e1bdbbe5acbfc28903b3a5",
"status": "affected",
"version": "f53b9b0bdc59c0823679f2e3214e0d538f5951b9",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/ipv4/netfilter/nf_reject_ipv4.c",
"net/ipv6/netfilter/nf_reject_ipv6.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.9"
},
{
"lessThan": "5.9",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.241",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.190",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.149",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.103",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.44",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.16.*",
"status": "unaffected",
"version": "6.16.4",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.17",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.241",
"versionStartIncluding": "5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.190",
"versionStartIncluding": "5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.149",
"versionStartIncluding": "5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.103",
"versionStartIncluding": "5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.44",
"versionStartIncluding": "5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.16.4",
"versionStartIncluding": "5.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.17",
"versionStartIncluding": "5.9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject: don\u0027t leak dst refcount for loopback packets\n\nrecent patches to add a WARN() when replacing skb dst entry found an\nold bug:\n\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\n[..]\nCall Trace:\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\n ..\n\nThis is because blamed commit forgot about loopback packets.\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\n\nInstead of checking hook just check if the skb already has a route\nattached to it."
}
],
"providerMetadata": {
"dateUpdated": "2025-09-29T05:56:59.879Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/7b8b503c06274ef3c6c1a107743f1ec0d0a53ef8"
},
{
"url": "https://git.kernel.org/stable/c/82ef97abf22790182f7d433c74960dfd61b99c33"
},
{
"url": "https://git.kernel.org/stable/c/b7a885ba25960c91db237c3f83b4285156789bce"
},
{
"url": "https://git.kernel.org/stable/c/a0a3ace2a57887dac1e7c9a724846040c3e31868"
},
{
"url": "https://git.kernel.org/stable/c/51e8531371f90bee742c63775c9a568e5d6bf3c5"
},
{
"url": "https://git.kernel.org/stable/c/b32e1590a8d22cf7d7f965e46d5576051acf8e42"
},
{
"url": "https://git.kernel.org/stable/c/91a79b792204313153e1bdbbe5acbfc28903b3a5"
}
],
"title": "netfilter: nf_reject: don\u0027t leak dst refcount for loopback packets",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2025-38732",
"datePublished": "2025-09-05T17:20:31.934Z",
"dateReserved": "2025-04-16T04:51:24.033Z",
"dateUpdated": "2025-09-29T05:56:59.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-38732\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-09-05T18:15:42.407\",\"lastModified\":\"2025-09-08T16:25:59.157\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: nf_reject: don\u0027t leak dst refcount for loopback packets\\n\\nrecent patches to add a WARN() when replacing skb dst entry found an\\nold bug:\\n\\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\\n[..]\\nCall Trace:\\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\\n ..\\n\\nThis is because blamed commit forgot about loopback packets.\\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\\n\\nInstead of checking hook just check if the skb already has a route\\nattached to it.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/51e8531371f90bee742c63775c9a568e5d6bf3c5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/7b8b503c06274ef3c6c1a107743f1ec0d0a53ef8\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/82ef97abf22790182f7d433c74960dfd61b99c33\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/91a79b792204313153e1bdbbe5acbfc28903b3a5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a0a3ace2a57887dac1e7c9a724846040c3e31868\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b32e1590a8d22cf7d7f965e46d5576051acf8e42\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/b7a885ba25960c91db237c3f83b4285156789bce\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
ghsa-p76p-fh7v-f8jw
Vulnerability from github
Published
2025-09-05 18:31
Modified
2025-09-05 18:31
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nf_reject: don't leak dst refcount for loopback packets
recent patches to add a WARN() when replacing skb dst entry found an old bug:
WARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline] WARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline] WARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234 [..] Call Trace: nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325 nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27 expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline] ..
This is because blamed commit forgot about loopback packets. Such packets already have a dst_entry attached, even at PRE_ROUTING stage.
Instead of checking hook just check if the skb already has a route attached to it.
{
"affected": [],
"aliases": [
"CVE-2025-38732"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-09-05T18:15:42Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject: don\u0027t leak dst refcount for loopback packets\n\nrecent patches to add a WARN() when replacing skb dst entry found an\nold bug:\n\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\n[..]\nCall Trace:\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\n ..\n\nThis is because blamed commit forgot about loopback packets.\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\n\nInstead of checking hook just check if the skb already has a route\nattached to it.",
"id": "GHSA-p76p-fh7v-f8jw",
"modified": "2025-09-05T18:31:25Z",
"published": "2025-09-05T18:31:25Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-38732"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/51e8531371f90bee742c63775c9a568e5d6bf3c5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/7b8b503c06274ef3c6c1a107743f1ec0d0a53ef8"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/82ef97abf22790182f7d433c74960dfd61b99c33"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/91a79b792204313153e1bdbbe5acbfc28903b3a5"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a0a3ace2a57887dac1e7c9a724846040c3e31868"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b32e1590a8d22cf7d7f965e46d5576051acf8e42"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/b7a885ba25960c91db237c3f83b4285156789bce"
}
],
"schema_version": "1.4.0",
"severity": []
}
suse-su-2025:03601-1
Vulnerability from csaf_suse
Published
2025-10-15 12:57
Modified
2025-10-15 12:57
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38216: iommu/vt-d: Restore context entry setup order for aliased devices (bsc#1245963).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38628: vdpa/mlx5: Fix release of uninitialized resources on error path (bsc#1248616).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38710: gfs2: Validate i_depth for exhash directories (bsc#1249201).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39816: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths (bsc#1249906).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39830: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (bsc#1249974).
- CVE-2025-39834: net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow (bsc#1250021).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-39922: ixgbe: fix incorrect map used in eee linkmode (bsc#1250722).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- !CONFIG & reference -> this is bug, immediate fail
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes).
- ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Add alt-commit to drm v3d patch
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: ISO: free rx_skb if not consumed (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Do not self obsolete older kernel variants
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- Drop PCI patches that broke kdump capture boot (bsc#1246509)
- Drop arm64 patches that may lead to module load failure (bsc#1250057)
- Drop ath12k patch that was reverted in the upstream (git-fixes)
- wrt: Regression fix for wrt s2idle on AMD laptops (bsc#1243112).
- Fix source string __assign_string() (bsc#1238782)
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for 'spurious' preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb 'force_immediate_exit' into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186)
- Limit patch filenames to 100 characters (bsc#1249604).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).
- Revert 'SUNRPC: Do not allow waiting for exiting tasks' (git-fixes).
- Revert 'drm/amdgpu: fix incorrect vm flags to map bo' (stable-fixes).
- Revert 'usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running' (git-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- Update config files. (bsc#1249186) Plain run_oldconfig after Kconfig update.
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf/selftests: Fix test_tcpnotify_user (poo#189822).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon - re-enable address prefetch after device resuming (git-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - request reserved interrupt for virtual function (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-fixes).
- drm/amd/display: Allow RX6xxx & RX7700 to invoke amdgpu_irq_get/put (git-fixes).
- drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG (stable-fixes).
- drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Fix mismatch type comparison (stable-fixes).
- drm/amd/display: Fix unnecessary cast warnings from checkpatch (stable-fixes).
- drm/amd/display: Reduce accessing remote DPCD overhead (git-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amdgpu/discovery: fix fw based ip discovery (git-fixes).
- drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes).
- drm/amdgpu/mes: add missing locking in helper functions (stable-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Fix Circular Locking Dependency in AMDGPU GFX Isolation (git-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-fixes).
- drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: fix incorrect MALL size for GFX1151 (stable-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/ast: Use msleep instead of mdelay for edid read (git-fixes).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/cirrus-qemu: Fix pitch programming (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes).
- drm/i915/icl+/tc: Cache the max lane count value (stable-fixes).
- drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dp: account for widebus and yuv420 during mode validation (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-fixes).
- drm/nouveau: select FW caching (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/panthor: Defer scheduler entitiy destruction to queue release (git-fixes).
- drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes).
- drm/panthor: validate group queue count (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm/simpledrm: Do not upcast in release helpers (git-fixes).
- drm/xe/bmg: Add new PCI IDs (stable-fixes).
- drm/xe/bmg: Update Wa_22019338487 (git-fixes).
- drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes).
- drm/xe/tile: Release kobject for the failure path (git-fixes).
- drm/xe: Allow dropping kunit dependency as built-in (git-fixes).
- drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes).
- drm/xe: Carve out wopcm portion from the stolen memory (git-fixes).
- drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes).
- drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-fixes).
- drm/xe: Fix and re-enable xe_print_blob_ascii85() (git-fixes).
- drm/xe: Move page fault init after topology init (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- i3c: master: svc: Use manual response for IBI events (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for 'netfilter: nf_tables: Audit log rule reset' (git-fixes).
- kABI workaround for 'drm/dp: Add an EDID quirk for the DPCD register access probe' (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: chips-media: wave5: Fix gray color on screen (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-auth: do not re-authenticate queues with no prior authentication (bsc#1227555).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvme-tcp: remove tag set when second admin queue config fails (git-fixes).
- nvmet-auth: always free derived key data (git-fixes).
- nvmet-auth: authenticate on admin queue only (bsc#1227555).
- nvmet: auth: use NULL to clear a pointer in (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (git-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- rpm: Configure KABI checkingness macro (bsc#1249186).
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes bsc#1249183).
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/debug: Add a reverse mode for debug_dump() (git-fixes jsc#PED-13260).
- s390/debug: Add debug_dump() to write debug view to a string buffer (git-fixes jsc#PED-13260).
- s390/debug: Simplify and document debug_next_entry() logic (git-fixes jsc#PED-13260).
- s390/debug: Split private data alloc/free out of file operations (git-fixes jsc#PED-13260).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Add pci_msg debug view to PCI report (git-fixes jsc#PED-13260).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/pci: Report PCI error recovery results via SCLP (git-fixes jsc#PED-13260).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-fixes).
- usb: typec: tipd: Clear interrupts first (git-fixes).
- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: Fix DMA buffer allocation to resolve SWIOTLB issues (stable-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes).
- wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes).
- wifi: ath12k: fix the fetching of combined rssi (git-fixes).
- wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: ath12k: fix wrong logging ID used for CE (git-fixes).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlwifi: Remove redundant header files (git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP (bsc#1245538).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: dbc: decouple endpoint allocation from initialization (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
Patchnames
SUSE-2025-3601,SUSE-SLE-Module-Basesystem-15-SP7-2025-3601,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3601,SUSE-SLE-Module-Legacy-15-SP7-2025-3601,SUSE-SLE-Module-Live-Patching-15-SP7-2025-3601,SUSE-SLE-Product-HA-15-SP7-2025-3601,SUSE-SLE-Product-WE-15-SP7-2025-3601
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer-\u003epointer (bsc#1249770).\n- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).\n- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).\n- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).\n- CVE-2025-38216: iommu/vt-d: Restore context entry setup order for aliased devices (bsc#1245963).\n- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).\n- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).\n- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).\n- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).\n- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).\n- CVE-2025-38418: remoteproc: core: Release rproc-\u003eclean_table after rproc_attach() fails (bsc#1247137).\n- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).\n- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).\n- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).\n- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).\n- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).\n- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).\n- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).\n- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).\n- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).\n- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).\n- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).\n- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).\n- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).\n- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).\n- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).\n- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).\n- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).\n- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).\n- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).\n- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).\n- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).\n- CVE-2025-38628: vdpa/mlx5: Fix release of uninitialized resources on error path (bsc#1248616).\n- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).\n- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).\n- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).\n- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).\n- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).\n- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).\n- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).\n- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).\n- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).\n- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).\n- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).\n- CVE-2025-38684: net/sched: ets: use old \u0027nbands\u0027 while purging unused classes (bsc#1249156).\n- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).\n- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).\n- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).\n- CVE-2025-38710: gfs2: Validate i_depth for exhash directories (bsc#1249201).\n- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).\n- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).\n- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).\n- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).\n- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).\n- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL (bsc#1249290).\n- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).\n- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).\n- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).\n- CVE-2025-39703: net, hsr: reject HSR frame if skb can\u0027t hold tag (bsc#1249315).\n- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).\n- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).\n- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).\n- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).\n- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).\n- CVE-2025-39749: rcu: Protect -\u003edefer_qs_iw_pending from data race (bsc#1249533).\n- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).\n- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).\n- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).\n- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).\n- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).\n- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).\n- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).\n- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn\u0027t use 0 as SPI (bsc#1249608).\n- CVE-2025-39816: io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths (bsc#1249906).\n- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).\n- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).\n- CVE-2025-39830: net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path (bsc#1249974).\n- CVE-2025-39834: net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow (bsc#1250021).\n- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).\n- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).\n- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).\n- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).\n- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).\n- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).\n- CVE-2025-39922: ixgbe: fix incorrect map used in eee linkmode (bsc#1250722).\n- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).\n\nThe following non-security bugs were fixed:\n\n- !CONFIG \u0026 reference -\u003e this is bug, immediate fail\n- 9p/xen: fix init sequence (git-fixes).\n- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).\n- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).\n- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).\n- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).\n- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).\n- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).\n- ACPICA: Fix largest possible resource descriptor index (git-fixes).\n- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).\n- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).\n- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).\n- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).\n- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).\n- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).\n- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).\n- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).\n- ALSA: lx_core: use int type to store negative error codes (git-fixes).\n- ALSA: pcm: Disable bottom softirqs as part of spin_lock_irq() on PREEMPT_RT (git-fixes).\n- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).\n- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).\n- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Convert comma to semicolon (git-fixes).\n- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).\n- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).\n- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).\n- ALSA: usb-audio: move mixer_quirks\u0027 min_mute into common quirk (stable-fixes).\n- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).\n- ASoC: Intel: catpt: Expose correct bit depth to userspace (git-fixes).\n- ASoC: Intel: sof_sdw: Prevent jump to NULL add_sidecar callback (git-fixes).\n- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).\n- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).\n- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).\n- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).\n- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).\n- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).\n- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).\n- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).\n- ASoC: wm8940: Correct PLL rate rounding (git-fixes).\n- ASoC: wm8940: Correct typo in control name (git-fixes).\n- ASoC: wm8974: Correct PLL rate rounding (git-fixes).\n- Add alt-commit to drm v3d patch\n- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).\n- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).\n- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).\n- Bluetooth: ISO: free rx_skb if not consumed (git-fixes).\n- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).\n- Bluetooth: MGMT: Fix possible UAFs (git-fixes).\n- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).\n- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).\n- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).\n- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).\n- Bluetooth: hci_sync: Fix using random address for BIG/PA advertisements (git-fixes).\n- Bluetooth: qca: fix invalid device address check (git-fixes).\n- Bluetooth: qca: fix wcn3991 device address check (git-fixes).\n- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).\n- CONFIG \u0026 no reference -\u003e OK temporarily, must be resolved eventually\n- Do not self obsolete older kernel variants\n- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).\n- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).\n- Drop PCI patches that broke kdump capture boot (bsc#1246509)\n- Drop arm64 patches that may lead to module load failure (bsc#1250057) \n- Drop ath12k patch that was reverted in the upstream (git-fixes)\n- wrt: Regression fix for wrt s2idle on AMD laptops (bsc#1243112).\n- Fix source string __assign_string() (bsc#1238782) \n- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).\n- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).\n- HID: input: report battery status changes immediately (git-fixes).\n- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).\n- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).\n- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).\n- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).\n- HID: wacom: Add a new Art Pen 2 (stable-fixes).\n- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)\n- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).\n- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).\n- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).\n- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).\n- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).\n- KVM: VMX: Extract checking of guest\u0027s DEBUGCTL into helper (git-fixes).\n- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).\n- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).\n- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).\n- KVM: VMX: Re-enter guest in fastpath for \u0027spurious\u0027 preemption timer exits (git-fixes).\n- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).\n- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).\n- KVM: x86/xen: Allow \u0027out of range\u0027 event channel ports in IRQ routing table (git-fixes).\n- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).\n- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).\n- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).\n- KVM: x86: Plumb \u0027force_immediate_exit\u0027 into kvm_entry() tracepoint (git-fixes).\n- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).\n- Kconfig.suse: Add KABI checkiness macro (config) (bsc#1249186) \n- Limit patch filenames to 100 characters (bsc#1249604).\n- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).\n- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).\n- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).\n- NFSv4: Do not clear capabilities that won\u0027t be reset (git-fixes).\n- PCI: Extend isolated function probing to LoongArch (git-fixes).\n- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).\n- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).\n- RDMA/mana_ib: Fix DSCP value in modify QP (git-fixes).\n- Revert \u0027SUNRPC: Do not allow waiting for exiting tasks\u0027 (git-fixes).\n- Revert \u0027drm/amdgpu: fix incorrect vm flags to map bo\u0027 (stable-fixes).\n- Revert \u0027usb: xhci: Avoid Stop Endpoint retry loop if the endpoint seems Running\u0027 (git-fixes).\n- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).\n- Squashfs: add additional inode sanity checking (git-fixes).\n- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).\n- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).\n- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).\n- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).\n- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).\n- Update config files. (bsc#1249186) Plain run_oldconfig after Kconfig update.\n- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).\n- arm64: Handle KCOV __init vs inline mismatches (git-fixes)\n- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)\n- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)\n- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)\n- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)\n- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)\n- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)\n- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).\n- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)\n- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)\n- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)\n- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).\n- batman-adv: fix OOB read/write in network-coding decode (git-fixes).\n- bpf, bpftool: Fix incorrect disasm pc (git-fixes).\n- bpf/selftests: Fix test_tcpnotify_user (poo#189822).\n- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).\n- bpf: Fix iter/task tid filtering (git-fixes).\n- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).\n- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).\n- bpf: Properly test iter/task tid filtering (git-fixes).\n- bpf: bpftool: Setting error code in do_loader() (git-fixes).\n- bpf: handle implicit declaration of function gettid in bpf_iter.c\n- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).\n- bpftool: Fix JSON writer resource leak in version command (git-fixes).\n- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).\n- bpftool: Fix readlink usage in get_fd_type (git-fixes).\n- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).\n- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).\n- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).\n- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).\n- btrfs: add cancellation points to trim loops (git-fixes).\n- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).\n- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).\n- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).\n- btrfs: fix data overwriting bug during buffered write when block size \u0026lt; page size (git-fixes).\n- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).\n- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).\n- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).\n- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).\n- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).\n- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).\n- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).\n- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).\n- btrfs: scrub: fix grouping of read IO (git-fixes).\n- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).\n- btrfs: split remaining space to discard in chunks (git-fixes).\n- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).\n- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).\n- build_bug.h: Add KABI assert (bsc#1249186).\n- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).\n- bus: mhi: host: Do not use uninitialized \u0027dev\u0027 pointer in mhi_init_irq_setup() (git-fixes).\n- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).\n- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).\n- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).\n- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).\n- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).\n- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).\n- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).\n- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).\n- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).\n- ceph: validate snapdirname option length when mounting (git-fixes).\n- cgroup/cpuset: Fix a partition error with CPU hotplug (bsc#1241166).\n- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).\n- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).\n- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).\n- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).\n- cgroup: make css_rstat_updated nmi safe (bsc#1247963).\n- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).\n- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).\n- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).\n- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).\n- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).\n- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).\n- cpufreq: Exit governor when failed to start old governor (stable-fixes).\n- cpufreq: Init policy-\u003erwsem before it may be possibly used (git-fixes).\n- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).\n- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).\n- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).\n- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).\n- cpufreq: governor: Fix negative \u0027idle_time\u0027 handling in dbs_update() (git-fixes).\n- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).\n- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).\n- cpufreq: scpi: compare kHz instead of Hz (git-fixes).\n- cpufreq: tegra186: Share policy per cluster (stable-fixes).\n- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).\n- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).\n- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).\n- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).\n- crypto: hisilicon - re-enable address prefetch after device resuming (git-fixes).\n- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).\n- crypto: hisilicon/qm - request reserved interrupt for virtual function (git-fixes).\n- crypto: hisilicon/qm - set NULL to qm-\u003edebug.qm_diff_regs (git-fixes).\n- crypto: hisilicon/zip - remove unnecessary validation for high-performance mode configurations (git-fixes).\n- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).\n- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).\n- crypto: qat - add shutdown handler to qat_c62x (git-fixes).\n- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).\n- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).\n- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).\n- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).\n- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).\n- dmaengine: idxd: Remove improper idxd_free (git-fixes).\n- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).\n- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).\n- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).\n- docs: admin-guide: update to current minimum pipe size default (git-fixes).\n- drivers/base/node: fix double free in register_one_node() (git-fixes).\n- drivers/base/node: handle error properly in register_one_node() (git-fixes).\n- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).\n- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).\n- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).\n- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).\n- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).\n- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).\n- drm/amd/amdgpu: disable hwmon power1_cap* for gfx 11.0.3 on vf mode (stable-fixes).\n- drm/amd/display: Allow RX6xxx \u0026 RX7700 to invoke amdgpu_irq_get/put (git-fixes).\n- drm/amd/display: Clear the CUR_ENABLE register on DCN314 w/out DPP PG (stable-fixes).\n- drm/amd/display: Default IPS to RCG_IN_ACTIVE_IPS2_IN_OFF (git-fixes).\n- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).\n- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).\n- drm/amd/display: Fix mismatch type comparison (stable-fixes).\n- drm/amd/display: Fix unnecessary cast warnings from checkpatch (stable-fixes).\n- drm/amd/display: Reduce accessing remote DPCD overhead (git-fixes).\n- drm/amd/display: Remove redundant semicolons (git-fixes).\n- drm/amd/display: use udelay rather than fsleep (git-fixes).\n- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).\n- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).\n- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).\n- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).\n- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).\n- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).\n- drm/amdgpu/discovery: fix fw based ip discovery (git-fixes).\n- drm/amdgpu/discovery: optionally use fw based ip discovery (stable-fixes).\n- drm/amdgpu/mes: add missing locking in helper functions (stable-fixes).\n- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).\n- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).\n- drm/amdgpu: Fix Circular Locking Dependency in AMDGPU GFX Isolation (git-fixes).\n- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).\n- drm/amdgpu: VCN v5_0_1 to prevent FW checking RB during DPG pause (stable-fixes).\n- drm/amdgpu: add kicker fws loading for gfx11/smu13/psp13 (stable-fixes).\n- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).\n- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).\n- drm/amdgpu: fix incorrect MALL size for GFX1151 (stable-fixes).\n- drm/amdgpu: remove the redeclaration of variable i (git-fixes).\n- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).\n- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).\n- drm/ast: Use msleep instead of mdelay for edid read (git-fixes).\n- drm/bridge: it6505: select REGMAP_I2C (git-fixes).\n- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).\n- drm/cirrus-qemu: Fix pitch programming (git-fixes).\n- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).\n- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).\n- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).\n- drm/edid: Define the quirks in an enum list (bsc#1248121).\n- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).\n- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).\n- drm/i915/dp: Fix 2.7 Gbps DP_LINK_BW value on g4x (git-fixes).\n- drm/i915/icl+/tc: Cache the max lane count value (stable-fixes).\n- drm/i915/icl+/tc: Convert AUX powered WARN to a debug message (stable-fixes).\n- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).\n- drm/mediatek: fix potential OF node use-after-free (git-fixes).\n- drm/msm/dp: account for widebus and yuv420 during mode validation (git-fixes).\n- drm/msm/dpu: fix incorrect type for ret (git-fixes).\n- drm/nouveau/gsp: fix potential leak of memory used during acpi init (git-fixes).\n- drm/nouveau: select FW caching (git-fixes).\n- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).\n- drm/panthor: Defer scheduler entitiy destruction to queue release (git-fixes).\n- drm/panthor: Fix memory leak in panthor_ioctl_group_create() (git-fixes).\n- drm/panthor: validate group queue count (git-fixes).\n- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).\n- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).\n- drm/simpledrm: Do not upcast in release helpers (git-fixes).\n- drm/xe/bmg: Add new PCI IDs (stable-fixes).\n- drm/xe/bmg: Update Wa_22019338487 (git-fixes).\n- drm/xe/gsc: do not flush the GSC worker from the reset path (git-fixes).\n- drm/xe/tile: Release kobject for the failure path (git-fixes).\n- drm/xe: Allow dropping kunit dependency as built-in (git-fixes).\n- drm/xe: Attempt to bring bos back to VRAM after eviction (git-fixes).\n- drm/xe: Carve out wopcm portion from the stolen memory (git-fixes).\n- drm/xe: Ensure fixed_slice_mode gets set after ccs_mode change (git-fixes).\n- drm/xe: Fix a NULL vs IS_ERR() in xe_vm_add_compute_exec_queue() (git-fixes).\n- drm/xe: Fix and re-enable xe_print_blob_ascii85() (git-fixes).\n- drm/xe: Move page fault init after topology init (git-fixes).\n- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).\n- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).\n- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).\n- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).\n- fbcon: Fix OOB access in font allocation (git-fixes).\n- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).\n- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).\n- firmware: meson_sm: fix device leak at probe (git-fixes).\n- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).\n- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).\n- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).\n- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).\n- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).\n- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).\n- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).\n- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).\n- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).\n- i2c: designware: Add disabling clocks when probe fails (git-fixes).\n- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).\n- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).\n- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).\n- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)\n- i3c: Fix default I2C adapter timeout value (git-fixes).\n- i3c: master: svc: Recycle unused IBI slot (git-fixes).\n- i3c: master: svc: Use manual response for IBI events (git-fixes).\n- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).\n- iio: dac: ad5360: use int type to store negative error codes (git-fixes).\n- iio: dac: ad5421: use int type to store negative error codes (git-fixes).\n- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).\n- iio: frequency: adf4350: Fix prescaler usage (git-fixes).\n- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).\n- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).\n- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).\n- iommu/vt-d: Fix __domain_mapping()\u0027s usage of switch_to_super_page() (git-fixes).\n- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206). \n- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).\n- kABI fix for \u0027netfilter: nf_tables: Audit log rule reset\u0027 (git-fixes).\n- kABI workaround for \u0027drm/dp: Add an EDID quirk for the DPCD register access probe\u0027 (bsc#1248121).\n- kABI workaround for RCU tasks exit tracking (bsc#1246298).\n- kABI: adjust new field on ip_ct_sctp struct (git-fixes).\n- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).\n- kABI: make nft_trans_gc_catchall() public again (git-fixes).\n- kABI: netfilter flowtable move gc operation to bottom (git-fixes).\n- kabi: Restore layout of parallel_data (bsc1248343).\n- kabi: add struct cgroup_extra (bsc#1247963).\n- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).\n- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).\n- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522). \n- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).\n- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).\n- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).\n- media: chips-media: wave5: Fix gray color on screen (git-fixes).\n- media: cx18: Add missing check after DMA map (git-fixes).\n- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).\n- media: lirc: Fix error handling in lirc_register() (git-fixes).\n- media: mc: Fix MUST_CONNECT handling for pads with no links (git-fixes).\n- media: pci: ivtv: Add missing check after DMA map (git-fixes).\n- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).\n- media: st-delta: avoid excessive stack usage (git-fixes).\n- media: tuner: xc5000: Fix use-after-free in xc5000_release (git-fixes).\n- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).\n- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).\n- media: zoran: Remove zoran_fh structure (git-fixes).\n- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).\n- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).\n- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).\n- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).\n- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).\n- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).\n- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).\n- mm: move page table sync declarations to linux/pgtable.h (git-fixes).\n- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).\n- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).\n- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).\n- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).\n- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).\n- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).\n- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).\n- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).\n- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).\n- net: nfc: nci: Add parameter validation for packet data (git-fixes).\n- net: phy: fix phy_uses_state_machine() (git-fixes).\n- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).\n- net: rose: convert \u0027use\u0027 field to refcount_t (git-fixes).\n- net: rose: fix a typo in rose_clear_routes() (git-fixes).\n- net: rose: include node references in rose_neigh refcount (git-fixes).\n- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).\n- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).\n- net: usb: cdc-ncm: check for filtering capability (git-fixes).\n- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).\n- netfilter: conntrack: fix extension size table (git-fixes).\n- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).\n- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).\n- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).\n- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).\n- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).\n- netfilter: nf_tables: Audit log rule reset (git-fixes).\n- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).\n- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).\n- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).\n- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).\n- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).\n- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).\n- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).\n- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).\n- netfilter: nf_tables: Unbreak audit log reset (git-fixes).\n- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).\n- netfilter: nf_tables: audit log object reset once per table (git-fixes).\n- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).\n- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).\n- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).\n- netfilter: nf_tables: nft_obj_filter fits into cb-\u003ectx (git-fixes).\n- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).\n- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).\n- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).\n- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).\n- netfilter: nft_payload: fix wrong mac header matching (git-fixes).\n- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).\n- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).\n- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).\n- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).\n- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).\n- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).\n- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).\n- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).\n- nvme-auth: do not re-authenticate queues with no prior authentication (bsc#1227555).\n- nvme-pci: try function level reset on init failure (git-fixes).\n- nvme-tcp: remove tag set when second admin queue config fails (git-fixes).\n- nvmet-auth: always free derived key data (git-fixes).\n- nvmet-auth: authenticate on admin queue only (bsc#1227555).\n- nvmet: auth: use NULL to clear a pointer in (git-fixes).\n- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).\n- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).\n- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).\n- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).\n- phy: ti-pipe3: fix device leak at unbind (git-fixes).\n- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).\n- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).\n- pinctrl: renesas: Use int type to store negative error codes (git-fixes).\n- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).\n- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).\n- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).\n- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).\n- platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (git-fixes).\n- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).\n- platform/x86: think-lmi: Fix class device unregistration (git-fixes).\n- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).\n- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).\n- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).\n- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).\n- power: supply: max77976_charger: fix constant current reporting (git-fixes).\n- pptp: fix pptp_xmit() error path (git-fixes).\n- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).\n- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).\n- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).\n- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)\n- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)\n- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)\n- rcu-tasks: Maintain real-time response in (bsc#1246298)\n- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)\n- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)\n- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)\n- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).\n- regulator: scmi: Use int type to store negative error codes (git-fixes).\n- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).\n- rpm: Configure KABI checkingness macro (bsc#1249186).\n- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).\n- rpm: Link arch-symbols script from scripts directory.\n- rpm: Link guards script from scripts directory.\n- s390/ap: Unmask SLCF bit in card and queue ap functions sysfs (git-fixes bsc#1249183).\n- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).\n- s390/debug: Add a reverse mode for debug_dump() (git-fixes jsc#PED-13260).\n- s390/debug: Add debug_dump() to write debug view to a string buffer (git-fixes jsc#PED-13260).\n- s390/debug: Simplify and document debug_next_entry() logic (git-fixes jsc#PED-13260).\n- s390/debug: Split private data alloc/free out of file operations (git-fixes jsc#PED-13260).\n- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).\n- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).\n- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).\n- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).\n- s390/pci: Add pci_msg debug view to PCI report (git-fixes jsc#PED-13260).\n- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).\n- s390/pci: Report PCI error recovery results via SCLP (git-fixes jsc#PED-13260).\n- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).\n- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).\n- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).\n- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).\n- sched/deadline: Collect sched_dl_entity initialization (git-fixes)\n- sched/fair: Remove unused parameter from sched_asym() (git-fixes)\n- sched/fair: Take the scheduling domain into account in (git-fixes)\n- sched/isolation: Fix boot crash when maxcpus \u0026lt; first (git-fixes)\n- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)\n- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).\n- selftests/bpf: Add asserts for netfilter link info (git-fixes).\n- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).\n- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).\n- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).\n- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).\n- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).\n- serial: max310x: Add error checking in probe() (git-fixes).\n- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).\n- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).\n- spi: bcm2835: Remove redundant semicolons (git-fixes).\n- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).\n- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).\n- spi: mtk-snfi: Remove redundant semicolons (git-fixes).\n- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).\n- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).\n- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).\n- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).\n- struct l2cap_chan: shift new member rx_avail to end (git-fixes).\n- supported.conf: mark hyperv_drm as external\n- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).\n- thunderbolt: Compare HMAC values in constant time (git-fixes).\n- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).\n- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).\n- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).\n- usb: cdns3: cdnsp-pci: remove redundant pci_disable_device() call (git-fixes).\n- usb: core: Add 0x prefix to quirks debug output (stable-fixes).\n- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).\n- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).\n- usb: gadget: configfs: Correctly set use_os_string at bind (git-fixes).\n- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).\n- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).\n- usb: phy: twl6030: Fix incorrect type for ret (git-fixes).\n- usb: typec: fusb302: cache PD RX state (git-fixes).\n- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).\n- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).\n- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).\n- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).\n- usb: typec: tcpm: properly deliver cable vdms to altmode drivers (git-fixes).\n- usb: typec: tipd: Clear interrupts first (git-fixes).\n- usb: vhci-hcd: Prevent suspending virtually attached devices (git-fixes).\n- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).\n- use uniform permission checks for all mount propagation changes (git-fixes).\n- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).\n- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).\n- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).\n- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).\n- vhost: fail early when __vhost_add_used() fails (git-fixes).\n- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).\n- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).\n- vsock: Allow retrying on connect() failure (git-fixes).\n- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).\n- vsock: avoid timeout during connect() if the socket is closing (git-fixes).\n- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).\n- wifi: ath11k: Fix DMA buffer allocation to resolve SWIOTLB issues (stable-fixes).\n- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).\n- wifi: ath11k: Use dma_alloc_noncoherent for rx_tid buffer allocation (stable-fixes).\n- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).\n- wifi: ath11k: fix group data packet drops during rekey (git-fixes).\n- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).\n- wifi: ath12k: fix memory leak in ath12k_pci_remove() (stable-fixes).\n- wifi: ath12k: fix memory leak in ath12k_service_ready_ext_event (git-fixes).\n- wifi: ath12k: fix the fetching of combined rssi (git-fixes).\n- wifi: ath12k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).\n- wifi: ath12k: fix wrong logging ID used for CE (git-fixes).\n- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).\n- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).\n- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).\n- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).\n- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).\n- wifi: iwlwifi: Remove redundant header files (git-fixes).\n- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).\n- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).\n- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).\n- wifi: mac80211: fix incorrect type for ret (stable-fixes).\n- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).\n- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).\n- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).\n- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).\n- wifi: mwifiex: send world regulatory domain to driver (git-fixes).\n- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).\n- wifi: virt_wifi: Fix page fault on connect (stable-fixes).\n- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).\n- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).\n- writeback: Avoid contention on wb-\u003elist_lock when switching inodes (bsc#1237776).\n- writeback: Avoid contention on wb-\u003elist_lock when switching inodes (kABI fixup) (bsc#1237776).\n- writeback: Avoid excessively long inode switching times (bsc#1237776).\n- writeback: Avoid softlockup when switching many inodes (bsc#1237776).\n- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).\n- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).\n- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).\n- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).\n- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).\n- x86/kvm: Force legacy PCI hole to UC when overriding MTRRs for TDX/SNP (bsc#1245538).\n- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).\n- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).\n- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).\n- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).\n- xen/netfront: Fix TX response spurious interrupts (git-fixes).\n- xen: Add support for XenServer 6.1 platform device (git-fixes).\n- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).\n- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).\n- xfs: rework datasync tracking and execution (bsc#1237449).\n- xhci: Fix control transfer error on Etron xHCI host (git-fixes).\n- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).\n- xhci: dbc: decouple endpoint allocation from initialization (git-fixes).\n- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).\n- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-3601,SUSE-SLE-Module-Basesystem-15-SP7-2025-3601,SUSE-SLE-Module-Development-Tools-15-SP7-2025-3601,SUSE-SLE-Module-Legacy-15-SP7-2025-3601,SUSE-SLE-Module-Live-Patching-15-SP7-2025-3601,SUSE-SLE-Product-HA-15-SP7-2025-3601,SUSE-SLE-Product-WE-15-SP7-2025-3601",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_03601-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:03601-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202503601-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:03601-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2025-October/042167.html"
},
{
"category": "self",
"summary": "SUSE Bug 1212533",
"url": "https://bugzilla.suse.com/1212533"
},
{
"category": "self",
"summary": "SUSE Bug 1216527",
"url": "https://bugzilla.suse.com/1216527"
},
{
"category": "self",
"summary": "SUSE Bug 1218644",
"url": "https://bugzilla.suse.com/1218644"
},
{
"category": "self",
"summary": "SUSE Bug 1227555",
"url": "https://bugzilla.suse.com/1227555"
},
{
"category": "self",
"summary": "SUSE Bug 1230062",
"url": "https://bugzilla.suse.com/1230062"
},
{
"category": "self",
"summary": "SUSE Bug 1236897",
"url": "https://bugzilla.suse.com/1236897"
},
{
"category": "self",
"summary": "SUSE Bug 1237449",
"url": "https://bugzilla.suse.com/1237449"
},
{
"category": "self",
"summary": "SUSE Bug 1237776",
"url": "https://bugzilla.suse.com/1237776"
},
{
"category": "self",
"summary": "SUSE Bug 1238782",
"url": "https://bugzilla.suse.com/1238782"
},
{
"category": "self",
"summary": "SUSE Bug 1240324",
"url": "https://bugzilla.suse.com/1240324"
},
{
"category": "self",
"summary": "SUSE Bug 1241166",
"url": "https://bugzilla.suse.com/1241166"
},
{
"category": "self",
"summary": "SUSE Bug 1241292",
"url": "https://bugzilla.suse.com/1241292"
},
{
"category": "self",
"summary": "SUSE Bug 1241866",
"url": "https://bugzilla.suse.com/1241866"
},
{
"category": "self",
"summary": "SUSE Bug 1243112",
"url": "https://bugzilla.suse.com/1243112"
},
{
"category": "self",
"summary": "SUSE Bug 1245538",
"url": "https://bugzilla.suse.com/1245538"
},
{
"category": "self",
"summary": "SUSE Bug 1245700",
"url": "https://bugzilla.suse.com/1245700"
},
{
"category": "self",
"summary": "SUSE Bug 1245963",
"url": "https://bugzilla.suse.com/1245963"
},
{
"category": "self",
"summary": "SUSE Bug 1246057",
"url": "https://bugzilla.suse.com/1246057"
},
{
"category": "self",
"summary": "SUSE Bug 1246190",
"url": "https://bugzilla.suse.com/1246190"
},
{
"category": "self",
"summary": "SUSE Bug 1246248",
"url": "https://bugzilla.suse.com/1246248"
},
{
"category": "self",
"summary": "SUSE Bug 1246298",
"url": "https://bugzilla.suse.com/1246298"
},
{
"category": "self",
"summary": "SUSE Bug 1246509",
"url": "https://bugzilla.suse.com/1246509"
},
{
"category": "self",
"summary": "SUSE Bug 1246782",
"url": "https://bugzilla.suse.com/1246782"
},
{
"category": "self",
"summary": "SUSE Bug 1247099",
"url": "https://bugzilla.suse.com/1247099"
},
{
"category": "self",
"summary": "SUSE Bug 1247126",
"url": "https://bugzilla.suse.com/1247126"
},
{
"category": "self",
"summary": "SUSE Bug 1247136",
"url": "https://bugzilla.suse.com/1247136"
},
{
"category": "self",
"summary": "SUSE Bug 1247137",
"url": "https://bugzilla.suse.com/1247137"
},
{
"category": "self",
"summary": "SUSE Bug 1247223",
"url": "https://bugzilla.suse.com/1247223"
},
{
"category": "self",
"summary": "SUSE Bug 1247239",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "self",
"summary": "SUSE Bug 1247262",
"url": "https://bugzilla.suse.com/1247262"
},
{
"category": "self",
"summary": "SUSE Bug 1247442",
"url": "https://bugzilla.suse.com/1247442"
},
{
"category": "self",
"summary": "SUSE Bug 1247483",
"url": "https://bugzilla.suse.com/1247483"
},
{
"category": "self",
"summary": "SUSE Bug 1247963",
"url": "https://bugzilla.suse.com/1247963"
},
{
"category": "self",
"summary": "SUSE Bug 1248111",
"url": "https://bugzilla.suse.com/1248111"
},
{
"category": "self",
"summary": "SUSE Bug 1248121",
"url": "https://bugzilla.suse.com/1248121"
},
{
"category": "self",
"summary": "SUSE Bug 1248192",
"url": "https://bugzilla.suse.com/1248192"
},
{
"category": "self",
"summary": "SUSE Bug 1248199",
"url": "https://bugzilla.suse.com/1248199"
},
{
"category": "self",
"summary": "SUSE Bug 1248200",
"url": "https://bugzilla.suse.com/1248200"
},
{
"category": "self",
"summary": "SUSE Bug 1248202",
"url": "https://bugzilla.suse.com/1248202"
},
{
"category": "self",
"summary": "SUSE Bug 1248225",
"url": "https://bugzilla.suse.com/1248225"
},
{
"category": "self",
"summary": "SUSE Bug 1248296",
"url": "https://bugzilla.suse.com/1248296"
},
{
"category": "self",
"summary": "SUSE Bug 1248334",
"url": "https://bugzilla.suse.com/1248334"
},
{
"category": "self",
"summary": "SUSE Bug 1248343",
"url": "https://bugzilla.suse.com/1248343"
},
{
"category": "self",
"summary": "SUSE Bug 1248357",
"url": "https://bugzilla.suse.com/1248357"
},
{
"category": "self",
"summary": "SUSE Bug 1248360",
"url": "https://bugzilla.suse.com/1248360"
},
{
"category": "self",
"summary": "SUSE Bug 1248365",
"url": "https://bugzilla.suse.com/1248365"
},
{
"category": "self",
"summary": "SUSE Bug 1248378",
"url": "https://bugzilla.suse.com/1248378"
},
{
"category": "self",
"summary": "SUSE Bug 1248380",
"url": "https://bugzilla.suse.com/1248380"
},
{
"category": "self",
"summary": "SUSE Bug 1248392",
"url": "https://bugzilla.suse.com/1248392"
},
{
"category": "self",
"summary": "SUSE Bug 1248512",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "self",
"summary": "SUSE Bug 1248610",
"url": "https://bugzilla.suse.com/1248610"
},
{
"category": "self",
"summary": "SUSE Bug 1248616",
"url": "https://bugzilla.suse.com/1248616"
},
{
"category": "self",
"summary": "SUSE Bug 1248619",
"url": "https://bugzilla.suse.com/1248619"
},
{
"category": "self",
"summary": "SUSE Bug 1248622",
"url": "https://bugzilla.suse.com/1248622"
},
{
"category": "self",
"summary": "SUSE Bug 1248626",
"url": "https://bugzilla.suse.com/1248626"
},
{
"category": "self",
"summary": "SUSE Bug 1248628",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "self",
"summary": "SUSE Bug 1248634",
"url": "https://bugzilla.suse.com/1248634"
},
{
"category": "self",
"summary": "SUSE Bug 1248639",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "self",
"summary": "SUSE Bug 1248647",
"url": "https://bugzilla.suse.com/1248647"
},
{
"category": "self",
"summary": "SUSE Bug 1248674",
"url": "https://bugzilla.suse.com/1248674"
},
{
"category": "self",
"summary": "SUSE Bug 1248681",
"url": "https://bugzilla.suse.com/1248681"
},
{
"category": "self",
"summary": "SUSE Bug 1248733",
"url": "https://bugzilla.suse.com/1248733"
},
{
"category": "self",
"summary": "SUSE Bug 1248734",
"url": "https://bugzilla.suse.com/1248734"
},
{
"category": "self",
"summary": "SUSE Bug 1248735",
"url": "https://bugzilla.suse.com/1248735"
},
{
"category": "self",
"summary": "SUSE Bug 1248775",
"url": "https://bugzilla.suse.com/1248775"
},
{
"category": "self",
"summary": "SUSE Bug 1249122",
"url": "https://bugzilla.suse.com/1249122"
},
{
"category": "self",
"summary": "SUSE Bug 1249123",
"url": "https://bugzilla.suse.com/1249123"
},
{
"category": "self",
"summary": "SUSE Bug 1249124",
"url": "https://bugzilla.suse.com/1249124"
},
{
"category": "self",
"summary": "SUSE Bug 1249125",
"url": "https://bugzilla.suse.com/1249125"
},
{
"category": "self",
"summary": "SUSE Bug 1249126",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "self",
"summary": "SUSE Bug 1249143",
"url": "https://bugzilla.suse.com/1249143"
},
{
"category": "self",
"summary": "SUSE Bug 1249156",
"url": "https://bugzilla.suse.com/1249156"
},
{
"category": "self",
"summary": "SUSE Bug 1249163",
"url": "https://bugzilla.suse.com/1249163"
},
{
"category": "self",
"summary": "SUSE Bug 1249172",
"url": "https://bugzilla.suse.com/1249172"
},
{
"category": "self",
"summary": "SUSE Bug 1249176",
"url": "https://bugzilla.suse.com/1249176"
},
{
"category": "self",
"summary": "SUSE Bug 1249183",
"url": "https://bugzilla.suse.com/1249183"
},
{
"category": "self",
"summary": "SUSE Bug 1249186",
"url": "https://bugzilla.suse.com/1249186"
},
{
"category": "self",
"summary": "SUSE Bug 1249193",
"url": "https://bugzilla.suse.com/1249193"
},
{
"category": "self",
"summary": "SUSE Bug 1249199",
"url": "https://bugzilla.suse.com/1249199"
},
{
"category": "self",
"summary": "SUSE Bug 1249201",
"url": "https://bugzilla.suse.com/1249201"
},
{
"category": "self",
"summary": "SUSE Bug 1249202",
"url": "https://bugzilla.suse.com/1249202"
},
{
"category": "self",
"summary": "SUSE Bug 1249206",
"url": "https://bugzilla.suse.com/1249206"
},
{
"category": "self",
"summary": "SUSE Bug 1249258",
"url": "https://bugzilla.suse.com/1249258"
},
{
"category": "self",
"summary": "SUSE Bug 1249262",
"url": "https://bugzilla.suse.com/1249262"
},
{
"category": "self",
"summary": "SUSE Bug 1249274",
"url": "https://bugzilla.suse.com/1249274"
},
{
"category": "self",
"summary": "SUSE Bug 1249284",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "self",
"summary": "SUSE Bug 1249290",
"url": "https://bugzilla.suse.com/1249290"
},
{
"category": "self",
"summary": "SUSE Bug 1249295",
"url": "https://bugzilla.suse.com/1249295"
},
{
"category": "self",
"summary": "SUSE Bug 1249300",
"url": "https://bugzilla.suse.com/1249300"
},
{
"category": "self",
"summary": "SUSE Bug 1249303",
"url": "https://bugzilla.suse.com/1249303"
},
{
"category": "self",
"summary": "SUSE Bug 1249305",
"url": "https://bugzilla.suse.com/1249305"
},
{
"category": "self",
"summary": "SUSE Bug 1249306",
"url": "https://bugzilla.suse.com/1249306"
},
{
"category": "self",
"summary": "SUSE Bug 1249315",
"url": "https://bugzilla.suse.com/1249315"
},
{
"category": "self",
"summary": "SUSE Bug 1249333",
"url": "https://bugzilla.suse.com/1249333"
},
{
"category": "self",
"summary": "SUSE Bug 1249334",
"url": "https://bugzilla.suse.com/1249334"
},
{
"category": "self",
"summary": "SUSE Bug 1249374",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "self",
"summary": "SUSE Bug 1249481",
"url": "https://bugzilla.suse.com/1249481"
},
{
"category": "self",
"summary": "SUSE Bug 1249482",
"url": "https://bugzilla.suse.com/1249482"
},
{
"category": "self",
"summary": "SUSE Bug 1249488",
"url": "https://bugzilla.suse.com/1249488"
},
{
"category": "self",
"summary": "SUSE Bug 1249494",
"url": "https://bugzilla.suse.com/1249494"
},
{
"category": "self",
"summary": "SUSE Bug 1249504",
"url": "https://bugzilla.suse.com/1249504"
},
{
"category": "self",
"summary": "SUSE Bug 1249508",
"url": "https://bugzilla.suse.com/1249508"
},
{
"category": "self",
"summary": "SUSE Bug 1249510",
"url": "https://bugzilla.suse.com/1249510"
},
{
"category": "self",
"summary": "SUSE Bug 1249513",
"url": "https://bugzilla.suse.com/1249513"
},
{
"category": "self",
"summary": "SUSE Bug 1249516",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "self",
"summary": "SUSE Bug 1249524",
"url": "https://bugzilla.suse.com/1249524"
},
{
"category": "self",
"summary": "SUSE Bug 1249526",
"url": "https://bugzilla.suse.com/1249526"
},
{
"category": "self",
"summary": "SUSE Bug 1249533",
"url": "https://bugzilla.suse.com/1249533"
},
{
"category": "self",
"summary": "SUSE Bug 1249540",
"url": "https://bugzilla.suse.com/1249540"
},
{
"category": "self",
"summary": "SUSE Bug 1249545",
"url": "https://bugzilla.suse.com/1249545"
},
{
"category": "self",
"summary": "SUSE Bug 1249566",
"url": "https://bugzilla.suse.com/1249566"
},
{
"category": "self",
"summary": "SUSE Bug 1249604",
"url": "https://bugzilla.suse.com/1249604"
},
{
"category": "self",
"summary": "SUSE Bug 1249608",
"url": "https://bugzilla.suse.com/1249608"
},
{
"category": "self",
"summary": "SUSE Bug 1249770",
"url": "https://bugzilla.suse.com/1249770"
},
{
"category": "self",
"summary": "SUSE Bug 1249887",
"url": "https://bugzilla.suse.com/1249887"
},
{
"category": "self",
"summary": "SUSE Bug 1249906",
"url": "https://bugzilla.suse.com/1249906"
},
{
"category": "self",
"summary": "SUSE Bug 1249915",
"url": "https://bugzilla.suse.com/1249915"
},
{
"category": "self",
"summary": "SUSE Bug 1249974",
"url": "https://bugzilla.suse.com/1249974"
},
{
"category": "self",
"summary": "SUSE Bug 1250002",
"url": "https://bugzilla.suse.com/1250002"
},
{
"category": "self",
"summary": "SUSE Bug 1250021",
"url": "https://bugzilla.suse.com/1250021"
},
{
"category": "self",
"summary": "SUSE Bug 1250025",
"url": "https://bugzilla.suse.com/1250025"
},
{
"category": "self",
"summary": "SUSE Bug 1250057",
"url": "https://bugzilla.suse.com/1250057"
},
{
"category": "self",
"summary": "SUSE Bug 1250179",
"url": "https://bugzilla.suse.com/1250179"
},
{
"category": "self",
"summary": "SUSE Bug 1250251",
"url": "https://bugzilla.suse.com/1250251"
},
{
"category": "self",
"summary": "SUSE Bug 1250267",
"url": "https://bugzilla.suse.com/1250267"
},
{
"category": "self",
"summary": "SUSE Bug 1250294",
"url": "https://bugzilla.suse.com/1250294"
},
{
"category": "self",
"summary": "SUSE Bug 1250334",
"url": "https://bugzilla.suse.com/1250334"
},
{
"category": "self",
"summary": "SUSE Bug 1250336",
"url": "https://bugzilla.suse.com/1250336"
},
{
"category": "self",
"summary": "SUSE Bug 1250344",
"url": "https://bugzilla.suse.com/1250344"
},
{
"category": "self",
"summary": "SUSE Bug 1250365",
"url": "https://bugzilla.suse.com/1250365"
},
{
"category": "self",
"summary": "SUSE Bug 1250407",
"url": "https://bugzilla.suse.com/1250407"
},
{
"category": "self",
"summary": "SUSE Bug 1250522",
"url": "https://bugzilla.suse.com/1250522"
},
{
"category": "self",
"summary": "SUSE Bug 1250530",
"url": "https://bugzilla.suse.com/1250530"
},
{
"category": "self",
"summary": "SUSE Bug 1250574",
"url": "https://bugzilla.suse.com/1250574"
},
{
"category": "self",
"summary": "SUSE Bug 1250655",
"url": "https://bugzilla.suse.com/1250655"
},
{
"category": "self",
"summary": "SUSE Bug 1250722",
"url": "https://bugzilla.suse.com/1250722"
},
{
"category": "self",
"summary": "SUSE Bug 1250952",
"url": "https://bugzilla.suse.com/1250952"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53261 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5633 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-58090 page",
"url": "https://www.suse.com/security/cve/CVE-2024-58090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-22022 page",
"url": "https://www.suse.com/security/cve/CVE-2025-22022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38119 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38216 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38216/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38234 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38255 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38255/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38351 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38351/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38402 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38408 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38418 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38419 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38456 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38456/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38466 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38488 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38488/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38514 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38514/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38526 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38526/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38527 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38527/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38533 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38533/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38556 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38574 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38584 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38590 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38593 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38595 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38614 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38622 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38623 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38628 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38639 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38640 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38643 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38645 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38660 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38664 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38668 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38676 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38679 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38684 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38701 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38701/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38709 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38709/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38710 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38710/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38721 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38722 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38730 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38732 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38732/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39677 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39677/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39678 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39681 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39682 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39682/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39691 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39695 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39703 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39705 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39705/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39707 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39711 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39738 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39738/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39744 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39744/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39746 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39746/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39747 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39747/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39749 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39754 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39764 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39766 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39770 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39770/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39773 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39782 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39787 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39807 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39811 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39816 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39823 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39825 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39830 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39834 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39835 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39838 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39842 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39857 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39865 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39885 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39890 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39922 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40300 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40300/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-10-15T12:57:01Z",
"generator": {
"date": "2025-10-15T12:57:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:03601-1",
"initial_release_date": "2025-10-15T12:57:01Z",
"revision_history": [
{
"date": "2025-10-15T12:57:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product_id": "cluster-md-kmp-64kb-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dlm-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product_id": "dlm-kmp-64kb-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-allwinner-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-allwinner-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-allwinner-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-altera-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-altera-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-altera-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amazon-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-amazon-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-amazon-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amd-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-amd-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-amd-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-amlogic-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-amlogic-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-amlogic-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apm-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-apm-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-apm-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-apple-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-apple-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-apple-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-arm-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-arm-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-arm-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-broadcom-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-broadcom-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-broadcom-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-cavium-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-cavium-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-cavium-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-exynos-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-exynos-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-exynos-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-freescale-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-freescale-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-freescale-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-hisilicon-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-hisilicon-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-hisilicon-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-lg-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-lg-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-lg-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-marvell-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-marvell-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-marvell-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-mediatek-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-mediatek-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-mediatek-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-nvidia-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-nvidia-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-nvidia-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-qcom-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-qcom-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-qcom-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-renesas-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-renesas-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-renesas-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-rockchip-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-rockchip-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-rockchip-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-socionext-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-socionext-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-socionext-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-sprd-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-sprd-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-sprd-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "dtb-xilinx-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "dtb-xilinx-6.4.0-150700.53.19.1.aarch64",
"product_id": "dtb-xilinx-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "gfs2-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product_id": "gfs2-kmp-64kb-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-64kb-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-extra-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-64kb-extra-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-64kb-extra-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-64kb-optional-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-64kb-optional-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-64kb-optional-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-default-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"product_id": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-default-devel-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-default-extra-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-default-optional-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-obs-build-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.19.1.aarch64",
"product_id": "kernel-syms-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kselftests-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product_id": "kselftests-kmp-64kb-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product_id": "ocfs2-kmp-64kb-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-64kb-6.4.0-150700.53.19.1.aarch64",
"product_id": "reiserfs-kmp-64kb-6.4.0-150700.53.19.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-150700.53.19.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-150700.53.19.1.noarch",
"product_id": "kernel-devel-6.4.0-150700.53.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-6.4.0-150700.53.19.1.noarch",
"product": {
"name": "kernel-docs-6.4.0-150700.53.19.1.noarch",
"product_id": "kernel-docs-6.4.0-150700.53.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-6.4.0-150700.53.19.1.noarch",
"product": {
"name": "kernel-docs-html-6.4.0-150700.53.19.1.noarch",
"product_id": "kernel-docs-html-6.4.0-150700.53.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-150700.53.19.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-150700.53.19.1.noarch",
"product_id": "kernel-macros-6.4.0-150700.53.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-150700.53.19.1.noarch",
"product": {
"name": "kernel-source-6.4.0-150700.53.19.1.noarch",
"product_id": "kernel-source-6.4.0-150700.53.19.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-6.4.0-150700.53.19.1.noarch",
"product": {
"name": "kernel-source-vanilla-6.4.0-150700.53.19.1.noarch",
"product_id": "kernel-source-vanilla-6.4.0-150700.53.19.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product_id": "dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-default-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-default-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"product_id": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-default-devel-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-default-extra-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-default-optional-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"product_id": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-obs-build-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-obs-qa-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kernel-syms-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"product_id": "dlm-kmp-default-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-default-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-default-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-default-devel-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-default-extra-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-default-optional-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"product_id": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-obs-build-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-obs-qa-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-syms-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-syms-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"product_id": "kernel-zfcpdump-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.s390x",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product_id": "cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product_id": "dlm-kmp-default-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product_id": "gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-default-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"product_id": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"product": {
"name": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"product_id": "kernel-default-base-rebuild-6.4.0-150700.53.19.1.150700.17.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-default-devel-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-default-extra-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-optional-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-default-optional-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-default-optional-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-vdso-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-default-vdso-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-default-vdso-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-kvmsmall-devel-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-kvmsmall-vdso-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-kvmsmall-vdso-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"product": {
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"product_id": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-obs-build-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-obs-qa-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-obs-qa-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kernel-syms-6.4.0-150700.53.19.1.x86_64",
"product_id": "kernel-syms-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "kselftests-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product_id": "kselftests-kmp-default-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product_id": "ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"product_id": "reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-live-patching:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "kernel-default-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "kernel-default-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-150700.53.19.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-150700.53.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-150700.53.19.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-150700.53.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-6.4.0-150700.53.19.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch"
},
"product_reference": "kernel-docs-6.4.0-150700.53.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-150700.53.19.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch"
},
"product_reference": "kernel-source-6.4.0-150700.53.19.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "kernel-syms-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "kernel-syms-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP7",
"product_id": "SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64"
},
"product_reference": "kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP7",
"product_id": "SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-6.4.0-150700.53.19.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
},
"product_reference": "kernel-default-extra-6.4.0-150700.53.19.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: Fix memory leak in acpi_buffer-\u003epointer\n\nThere are memory leaks reported by kmemleak:\n...\nunreferenced object 0xffff00213c141000 (size 1024):\n comm \"systemd-udevd\", pid 2123, jiffies 4294909467 (age 6062.160s)\n hex dump (first 32 bytes):\n 04 00 00 00 02 00 00 00 18 10 14 3c 21 00 ff ff ...........\u003c!...\n 00 00 00 00 00 00 00 00 03 00 00 00 10 00 00 00 ................\n backtrace:\n [\u003c000000004b7c9001\u003e] __kmem_cache_alloc_node+0x2f8/0x348\n [\u003c00000000b0fc7ceb\u003e] __kmalloc+0x58/0x108\n [\u003c0000000064ff4695\u003e] acpi_os_allocate+0x2c/0x68\n [\u003c000000007d57d116\u003e] acpi_ut_initialize_buffer+0x54/0xe0\n [\u003c0000000024583908\u003e] acpi_evaluate_object+0x388/0x438\n [\u003c0000000017b2e72b\u003e] acpi_evaluate_object_typed+0xe8/0x240\n [\u003c000000005df0eac2\u003e] coresight_get_platform_data+0x1b4/0x988 [coresight]\n...\n\nThe ACPI buffer memory (buf.pointer) should be freed. But the buffer\nis also used after returning from acpi_get_dsd_graph().\nMove the temporary variables buf to acpi_coresight_parse_graph(),\nand free it before the function return to prevent memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53261",
"url": "https://www.suse.com/security/cve/CVE-2023-53261"
},
{
"category": "external",
"summary": "SUSE Bug 1249770 for CVE-2023-53261",
"url": "https://bugzilla.suse.com/1249770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "low"
}
],
"title": "CVE-2023-53261"
},
{
"cve": "CVE-2023-5633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5633"
}
],
"notes": [
{
"category": "general",
"text": "The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user could potentially use this flaw to escalate their privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5633",
"url": "https://www.suse.com/security/cve/CVE-2023-5633"
},
{
"category": "external",
"summary": "SUSE Bug 1216527 for CVE-2023-5633",
"url": "https://bugzilla.suse.com/1216527"
},
{
"category": "external",
"summary": "SUSE Bug 1216645 for CVE-2023-5633",
"url": "https://bugzilla.suse.com/1216645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2023-5633"
},
{
"cve": "CVE-2024-58090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-58090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/core: Prevent rescheduling when interrupts are disabled\n\nDavid reported a warning observed while loop testing kexec jump:\n\n Interrupts enabled after irqrouter_resume+0x0/0x50\n WARNING: CPU: 0 PID: 560 at drivers/base/syscore.c:103 syscore_resume+0x18a/0x220\n kernel_kexec+0xf6/0x180\n __do_sys_reboot+0x206/0x250\n do_syscall_64+0x95/0x180\n\nThe corresponding interrupt flag trace:\n\n hardirqs last enabled at (15573): [\u003cffffffffa8281b8e\u003e] __up_console_sem+0x7e/0x90\n hardirqs last disabled at (15580): [\u003cffffffffa8281b73\u003e] __up_console_sem+0x63/0x90\n\nThat means __up_console_sem() was invoked with interrupts enabled. Further\ninstrumentation revealed that in the interrupt disabled section of kexec\njump one of the syscore_suspend() callbacks woke up a task, which set the\nNEED_RESCHED flag. A later callback in the resume path invoked\ncond_resched() which in turn led to the invocation of the scheduler:\n\n __cond_resched+0x21/0x60\n down_timeout+0x18/0x60\n acpi_os_wait_semaphore+0x4c/0x80\n acpi_ut_acquire_mutex+0x3d/0x100\n acpi_ns_get_node+0x27/0x60\n acpi_ns_evaluate+0x1cb/0x2d0\n acpi_rs_set_srs_method_data+0x156/0x190\n acpi_pci_link_set+0x11c/0x290\n irqrouter_resume+0x54/0x60\n syscore_resume+0x6a/0x200\n kernel_kexec+0x145/0x1c0\n __do_sys_reboot+0xeb/0x240\n do_syscall_64+0x95/0x180\n\nThis is a long standing problem, which probably got more visible with\nthe recent printk changes. Something does a task wakeup and the\nscheduler sets the NEED_RESCHED flag. cond_resched() sees it set and\ninvokes schedule() from a completely bogus context. The scheduler\nenables interrupts after context switching, which causes the above\nwarning at the end.\n\nQuite some of the code paths in syscore_suspend()/resume() can result in\ntriggering a wakeup with the exactly same consequences. They might not\nhave done so yet, but as they share a lot of code with normal operations\nit\u0027s just a question of time.\n\nThe problem only affects the PREEMPT_NONE and PREEMPT_VOLUNTARY scheduling\nmodels. Full preemption is not affected as cond_resched() is disabled and\nthe preemption check preemptible() takes the interrupt disabled flag into\naccount.\n\nCure the problem by adding a corresponding check into cond_resched().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-58090",
"url": "https://www.suse.com/security/cve/CVE-2024-58090"
},
{
"category": "external",
"summary": "SUSE Bug 1240324 for CVE-2024-58090",
"url": "https://bugzilla.suse.com/1240324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2024-58090"
},
{
"cve": "CVE-2025-22022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-22022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Apply the link chain quirk on NEC isoc endpoints\n\nTwo clearly different specimens of NEC uPD720200 (one with start/stop\nbug, one without) were seen to cause IOMMU faults after some Missed\nService Errors. Faulting address is immediately after a transfer ring\nsegment and patched dynamic debug messages revealed that the MSE was\nreceived when waiting for a TD near the end of that segment:\n\n[ 1.041954] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ffa08fe0\n[ 1.042120] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09000 flags=0x0000]\n[ 1.042146] xhci_hcd: AMD-Vi: Event logged [IO_PAGE_FAULT domain=0x0005 address=0xffa09040 flags=0x0000]\n\nIt gets even funnier if the next page is a ring segment accessible to\nthe HC. Below, it reports MSE in segment at ff1e8000, plows through a\nzero-filled page at ff1e9000 and starts reporting events for TRBs in\npage at ff1ea000 every microframe, instead of jumping to seg ff1e6000.\n\n[ 7.041671] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.041999] xhci_hcd: Miss service interval error for slot 1 ep 2 expected TD DMA ff1e8fe0\n[ 7.042011] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042028] xhci_hcd: All TDs skipped for slot 1 ep 2. Clear skip flag.\n[ 7.042134] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042138] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042144] xhci_hcd: Looking for event-dma 00000000ff1ea040 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.042259] xhci_hcd: WARN: buffer overrun event for slot 1 ep 2 on endpoint\n[ 7.042262] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 31\n[ 7.042266] xhci_hcd: Looking for event-dma 00000000ff1ea050 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n\nAt some point completion events change from Isoch Buffer Overrun to\nShort Packet and the HC finally finds cycle bit mismatch in ff1ec000.\n\n[ 7.098130] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098132] xhci_hcd: Looking for event-dma 00000000ff1ecc50 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098254] xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2 comp_code 13\n[ 7.098256] xhci_hcd: Looking for event-dma 00000000ff1ecc60 trb-start 00000000ff1e6820 trb-end 00000000ff1e6820\n[ 7.098379] xhci_hcd: Overrun event on slot 1 ep 2\n\nIt\u0027s possible that data from the isochronous device were written to\nrandom buffers of pending TDs on other endpoints (either IN or OUT),\nother devices or even other HCs in the same IOMMU domain.\n\nLastly, an error from a different USB device on another HC. Was it\ncaused by the above? I don\u0027t know, but it may have been. The disk\nwas working without any other issues and generated PCIe traffic to\nstarve the NEC of upstream BW and trigger those MSEs. The two HCs\nshared one x1 slot by means of a commercial \"PCIe splitter\" board.\n\n[ 7.162604] usb 10-2: reset SuperSpeed USB device number 3 using xhci_hcd\n[ 7.178990] sd 9:0:0:0: [sdb] tag#0 UNKNOWN(0x2003) Result: hostbyte=0x07 driverbyte=DRIVER_OK cmd_age=0s\n[ 7.179001] sd 9:0:0:0: [sdb] tag#0 CDB: opcode=0x28 28 00 04 02 ae 00 00 02 00 00\n[ 7.179004] I/O error, dev sdb, sector 67284480 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0\n\nFortunately, it appears that this ridiculous bug is avoided by setting\nthe chain bit of Link TRBs on isochronous rings. Other ancient HCs are\nknown which also expect the bit to be set and they ignore Link TRBs if\nit\u0027s not. Reportedly, 0.95 spec guaranteed that the bit is set.\n\nThe bandwidth-starved NEC HC running a 32KB/uframe UVC endpoint reports\ntens of MSEs per second and runs into the bug within seconds. Chaining\nLink TRBs allows the same workload to run for many minutes, many times.\n\nNo ne\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-22022",
"url": "https://www.suse.com/security/cve/CVE-2025-22022"
},
{
"category": "external",
"summary": "SUSE Bug 1241292 for CVE-2025-22022",
"url": "https://bugzilla.suse.com/1241292"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-22022"
},
{
"cve": "CVE-2025-38119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: ufs: Fix a hang in the error handler\n\nufshcd_err_handling_prepare() calls ufshcd_rpm_get_sync(). The latter\nfunction can only succeed if UFSHCD_EH_IN_PROGRESS is not set because\nresuming involves submitting a SCSI command and ufshcd_queuecommand()\nreturns SCSI_MLQUEUE_HOST_BUSY if UFSHCD_EH_IN_PROGRESS is set. Fix this\nhang by setting UFSHCD_EH_IN_PROGRESS after ufshcd_rpm_get_sync() has\nbeen called instead of before.\n\nBacktrace:\n__switch_to+0x174/0x338\n__schedule+0x600/0x9e4\nschedule+0x7c/0xe8\nschedule_timeout+0xa4/0x1c8\nio_schedule_timeout+0x48/0x70\nwait_for_common_io+0xa8/0x160 //waiting on START_STOP\nwait_for_completion_io_timeout+0x10/0x20\nblk_execute_rq+0xe4/0x1e4\nscsi_execute_cmd+0x108/0x244\nufshcd_set_dev_pwr_mode+0xe8/0x250\n__ufshcd_wl_resume+0x94/0x354\nufshcd_wl_runtime_resume+0x3c/0x174\nscsi_runtime_resume+0x64/0xa4\nrpm_resume+0x15c/0xa1c\n__pm_runtime_resume+0x4c/0x90 // Runtime resume ongoing\nufshcd_err_handler+0x1a0/0xd08\nprocess_one_work+0x174/0x808\nworker_thread+0x15c/0x490\nkthread+0xf4/0x1ec\nret_from_fork+0x10/0x20\n\n[ bvanassche: rewrote patch description ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38119",
"url": "https://www.suse.com/security/cve/CVE-2025-38119"
},
{
"category": "external",
"summary": "SUSE Bug 1245700 for CVE-2025-38119",
"url": "https://bugzilla.suse.com/1245700"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38119"
},
{
"cve": "CVE-2025-38216",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38216"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Restore context entry setup order for aliased devices\n\nCommit 2031c469f816 (\"iommu/vt-d: Add support for static identity domain\")\nchanged the context entry setup during domain attachment from a\nset-and-check policy to a clear-and-reset approach. This inadvertently\nintroduced a regression affecting PCI aliased devices behind PCIe-to-PCI\nbridges.\n\nSpecifically, keyboard and touchpad stopped working on several Apple\nMacbooks with below messages:\n\n kernel: platform pxa2xx-spi.3: Adding to iommu group 20\n kernel: input: Apple SPI Keyboard as\n /devices/pci0000:00/0000:00:1e.3/pxa2xx-spi.3/spi_master/spi2/spi-APP000D:00/input/input0\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr\n 0xffffa000 [fault reason 0x06] PTE Read access is not set\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr\n 0xffffa000 [fault reason 0x06] PTE Read access is not set\n kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: DMAR: [DMA Read NO_PASID] Request device [00:1e.3] fault addr\n 0xffffa000 [fault reason 0x06] PTE Read access is not set\n kernel: DMAR: DRHD: handling fault status reg 3\n kernel: applespi spi-APP000D:00: Error writing to device: 01 0e 00 00\n\nFix this by restoring the previous context setup order.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38216",
"url": "https://www.suse.com/security/cve/CVE-2025-38216"
},
{
"category": "external",
"summary": "SUSE Bug 1245963 for CVE-2025-38216",
"url": "https://bugzilla.suse.com/1245963"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38216"
},
{
"cve": "CVE-2025-38234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched/rt: Fix race in push_rt_task\n\nOverview\n========\nWhen a CPU chooses to call push_rt_task and picks a task to push to\nanother CPU\u0027s runqueue then it will call find_lock_lowest_rq method\nwhich would take a double lock on both CPUs\u0027 runqueues. If one of the\nlocks aren\u0027t readily available, it may lead to dropping the current\nrunqueue lock and reacquiring both the locks at once. During this window\nit is possible that the task is already migrated and is running on some\nother CPU. These cases are already handled. However, if the task is\nmigrated and has already been executed and another CPU is now trying to\nwake it up (ttwu) such that it is queued again on the runqeue\n(on_rq is 1) and also if the task was run by the same CPU, then the\ncurrent checks will pass even though the task was migrated out and is no\nlonger in the pushable tasks list.\n\nCrashes\n=======\nThis bug resulted in quite a few flavors of crashes triggering kernel\npanics with various crash signatures such as assert failures, page\nfaults, null pointer dereferences, and queue corruption errors all\ncoming from scheduler itself.\n\nSome of the crashes:\n-\u003e kernel BUG at kernel/sched/rt.c:1616! BUG_ON(idx \u003e= MAX_RT_PRIO)\n Call Trace:\n ? __die_body+0x1a/0x60\n ? die+0x2a/0x50\n ? do_trap+0x85/0x100\n ? pick_next_task_rt+0x6e/0x1d0\n ? do_error_trap+0x64/0xa0\n ? pick_next_task_rt+0x6e/0x1d0\n ? exc_invalid_op+0x4c/0x60\n ? pick_next_task_rt+0x6e/0x1d0\n ? asm_exc_invalid_op+0x12/0x20\n ? pick_next_task_rt+0x6e/0x1d0\n __schedule+0x5cb/0x790\n ? update_ts_time_stats+0x55/0x70\n schedule_idle+0x1e/0x40\n do_idle+0x15e/0x200\n cpu_startup_entry+0x19/0x20\n start_secondary+0x117/0x160\n secondary_startup_64_no_verify+0xb0/0xbb\n\n-\u003e BUG: kernel NULL pointer dereference, address: 00000000000000c0\n Call Trace:\n ? __die_body+0x1a/0x60\n ? no_context+0x183/0x350\n ? __warn+0x8a/0xe0\n ? exc_page_fault+0x3d6/0x520\n ? asm_exc_page_fault+0x1e/0x30\n ? pick_next_task_rt+0xb5/0x1d0\n ? pick_next_task_rt+0x8c/0x1d0\n __schedule+0x583/0x7e0\n ? update_ts_time_stats+0x55/0x70\n schedule_idle+0x1e/0x40\n do_idle+0x15e/0x200\n cpu_startup_entry+0x19/0x20\n start_secondary+0x117/0x160\n secondary_startup_64_no_verify+0xb0/0xbb\n\n-\u003e BUG: unable to handle page fault for address: ffff9464daea5900\n kernel BUG at kernel/sched/rt.c:1861! BUG_ON(rq-\u003ecpu != task_cpu(p))\n\n-\u003e kernel BUG at kernel/sched/rt.c:1055! BUG_ON(!rq-\u003enr_running)\n Call Trace:\n ? __die_body+0x1a/0x60\n ? die+0x2a/0x50\n ? do_trap+0x85/0x100\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? do_error_trap+0x64/0xa0\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? exc_invalid_op+0x4c/0x60\n ? dequeue_top_rt_rq+0xa2/0xb0\n ? asm_exc_invalid_op+0x12/0x20\n ? dequeue_top_rt_rq+0xa2/0xb0\n dequeue_rt_entity+0x1f/0x70\n dequeue_task_rt+0x2d/0x70\n __schedule+0x1a8/0x7e0\n ? blk_finish_plug+0x25/0x40\n schedule+0x3c/0xb0\n futex_wait_queue_me+0xb6/0x120\n futex_wait+0xd9/0x240\n do_futex+0x344/0xa90\n ? get_mm_exe_file+0x30/0x60\n ? audit_exe_compare+0x58/0x70\n ? audit_filter_rules.constprop.26+0x65e/0x1220\n __x64_sys_futex+0x148/0x1f0\n do_syscall_64+0x30/0x80\n entry_SYSCALL_64_after_hwframe+0x62/0xc7\n\n-\u003e BUG: unable to handle page fault for address: ffff8cf3608bc2c0\n Call Trace:\n ? __die_body+0x1a/0x60\n ? no_context+0x183/0x350\n ? spurious_kernel_fault+0x171/0x1c0\n ? exc_page_fault+0x3b6/0x520\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? asm_exc_page_fault+0x1e/0x30\n ? _cond_resched+0x15/0x30\n ? futex_wait_queue_me+0xc8/0x120\n ? futex_wait+0xd9/0x240\n ? try_to_wake_up+0x1b8/0x490\n ? futex_wake+0x78/0x160\n ? do_futex+0xcd/0xa90\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? plist_del+0x6a/0xd0\n ? plist_check_list+0x15/0x40\n ? plist_check_list+0x2e/0x40\n ? dequeue_pushable_task+0x20/0x70\n ? __schedule+0x382/0x7e0\n ? asm_sysvec_reschedule_i\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38234",
"url": "https://www.suse.com/security/cve/CVE-2025-38234"
},
{
"category": "external",
"summary": "SUSE Bug 1246057 for CVE-2025-38234",
"url": "https://bugzilla.suse.com/1246057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38234"
},
{
"cve": "CVE-2025-38255",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38255"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/group_cpus: fix NULL pointer dereference from group_cpus_evenly()\n\nWhile testing null_blk with configfs, echo 0 \u003e poll_queues will trigger\nfollowing panic:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000010\nOops: Oops: 0000 [#1] SMP NOPTI\nCPU: 27 UID: 0 PID: 920 Comm: bash Not tainted 6.15.0-02023-gadbdb95c8696-dirty #1238 PREEMPT(undef)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.1-2.fc37 04/01/2014\nRIP: 0010:__bitmap_or+0x48/0x70\nCall Trace:\n \u003cTASK\u003e\n __group_cpus_evenly+0x822/0x8c0\n group_cpus_evenly+0x2d9/0x490\n blk_mq_map_queues+0x1e/0x110\n null_map_queues+0xc9/0x170 [null_blk]\n blk_mq_update_queue_map+0xdb/0x160\n blk_mq_update_nr_hw_queues+0x22b/0x560\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_poll_queues_store+0xa4/0x130 [null_blk]\n configfs_write_iter+0x109/0x1d0\n vfs_write+0x26e/0x6f0\n ksys_write+0x79/0x180\n __x64_sys_write+0x1d/0x30\n x64_sys_call+0x45c4/0x45f0\n do_syscall_64+0xa5/0x240\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nRoot cause is that numgrps is set to 0, and ZERO_SIZE_PTR is returned from\nkcalloc(), and later ZERO_SIZE_PTR will be deferenced.\n\nFix the problem by checking numgrps first in group_cpus_evenly(), and\nreturn NULL directly if numgrps is zero.\n\n[yukuai3@huawei.com: also fix the non-SMP version]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38255",
"url": "https://www.suse.com/security/cve/CVE-2025-38255"
},
{
"category": "external",
"summary": "SUSE Bug 1246190 for CVE-2025-38255",
"url": "https://bugzilla.suse.com/1246190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38255"
},
{
"cve": "CVE-2025-38263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38263"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix NULL pointer in cache_set_flush()\n\n1. LINE#1794 - LINE#1887 is some codes about function of\n bch_cache_set_alloc().\n2. LINE#2078 - LINE#2142 is some codes about function of\n register_cache_set().\n3. register_cache_set() will call bch_cache_set_alloc() in LINE#2098.\n\n 1794 struct cache_set *bch_cache_set_alloc(struct cache_sb *sb)\n 1795 {\n ...\n 1860 if (!(c-\u003edevices = kcalloc(c-\u003enr_uuids, sizeof(void *), GFP_KERNEL)) ||\n 1861 mempool_init_slab_pool(\u0026c-\u003esearch, 32, bch_search_cache) ||\n 1862 mempool_init_kmalloc_pool(\u0026c-\u003ebio_meta, 2,\n 1863 sizeof(struct bbio) + sizeof(struct bio_vec) *\n 1864 bucket_pages(c)) ||\n 1865 mempool_init_kmalloc_pool(\u0026c-\u003efill_iter, 1, iter_size) ||\n 1866 bioset_init(\u0026c-\u003ebio_split, 4, offsetof(struct bbio, bio),\n 1867 BIOSET_NEED_BVECS|BIOSET_NEED_RESCUER) ||\n 1868 !(c-\u003euuids = alloc_bucket_pages(GFP_KERNEL, c)) ||\n 1869 !(c-\u003emoving_gc_wq = alloc_workqueue(\"bcache_gc\",\n 1870 WQ_MEM_RECLAIM, 0)) ||\n 1871 bch_journal_alloc(c) ||\n 1872 bch_btree_cache_alloc(c) ||\n 1873 bch_open_buckets_alloc(c) ||\n 1874 bch_bset_sort_state_init(\u0026c-\u003esort, ilog2(c-\u003ebtree_pages)))\n 1875 goto err;\n ^^^^^^^^\n 1876\n ...\n 1883 return c;\n 1884 err:\n 1885 bch_cache_set_unregister(c);\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^\n 1886 return NULL;\n 1887 }\n ...\n 2078 static const char *register_cache_set(struct cache *ca)\n 2079 {\n ...\n 2098 c = bch_cache_set_alloc(\u0026ca-\u003esb);\n 2099 if (!c)\n 2100 return err;\n ^^^^^^^^^^\n ...\n 2128 ca-\u003eset = c;\n 2129 ca-\u003eset-\u003ecache[ca-\u003esb.nr_this_dev] = ca;\n ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^\n ...\n 2138 return NULL;\n 2139 err:\n 2140 bch_cache_set_unregister(c);\n 2141 return err;\n 2142 }\n\n(1) If LINE#1860 - LINE#1874 is true, then do \u0027goto err\u0027(LINE#1875) and\n call bch_cache_set_unregister()(LINE#1885).\n(2) As (1) return NULL(LINE#1886), LINE#2098 - LINE#2100 would return.\n(3) As (2) has returned, LINE#2128 - LINE#2129 would do *not* give the\n value to c-\u003ecache[], it means that c-\u003ecache[] is NULL.\n\nLINE#1624 - LINE#1665 is some codes about function of cache_set_flush().\nAs (1), in LINE#1885 call\nbch_cache_set_unregister()\n---\u003e bch_cache_set_stop()\n ---\u003e closure_queue()\n -.-\u003e cache_set_flush() (as below LINE#1624)\n\n 1624 static void cache_set_flush(struct closure *cl)\n 1625 {\n ...\n 1654 for_each_cache(ca, c, i)\n 1655 if (ca-\u003ealloc_thread)\n ^^\n 1656 kthread_stop(ca-\u003ealloc_thread);\n ...\n 1665 }\n\n(4) In LINE#1655 ca is NULL(see (3)) in cache_set_flush() then the\n kernel crash occurred as below:\n[ 846.712887] bcache: register_cache() error drbd6: cannot allocate memory\n[ 846.713242] bcache: register_bcache() error : failed to register device\n[ 846.713336] bcache: cache_set_free() Cache set 2f84bdc1-498a-4f2f-98a7-01946bf54287 unregistered\n[ 846.713768] BUG: unable to handle kernel NULL pointer dereference at 00000000000009f8\n[ 846.714790] PGD 0 P4D 0\n[ 846.715129] Oops: 0000 [#1] SMP PTI\n[ 846.715472] CPU: 19 PID: 5057 Comm: kworker/19:16 Kdump: loaded Tainted: G OE --------- - - 4.18.0-147.5.1.el8_1.5es.3.x86_64 #1\n[ 846.716082] Hardware name: ESPAN GI-25212/X11DPL-i, BIOS 2.1 06/15/2018\n[ 846.716451] Workqueue: events cache_set_flush [bcache]\n[ 846.716808] RIP: 0010:cache_set_flush+0xc9/0x1b0 [bcache]\n[ 846.717155] Code: 00 4c 89 a5 b0 03 00 00 48 8b 85 68 f6 ff ff a8 08 0f 84 88 00 00 00 31 db 66 83 bd 3c f7 ff ff 00 48 8b 85 48 ff ff ff 74 28 \u003c48\u003e 8b b8 f8 09 00 0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38263",
"url": "https://www.suse.com/security/cve/CVE-2025-38263"
},
{
"category": "external",
"summary": "SUSE Bug 1246248 for CVE-2025-38263",
"url": "https://bugzilla.suse.com/1246248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38263"
},
{
"cve": "CVE-2025-38351",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38351"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush\n\nIn KVM guests with Hyper-V hypercalls enabled, the hypercalls\nHVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EX\nallow a guest to request invalidation of portions of a virtual TLB.\nFor this, the hypercall parameter includes a list of GVAs that are supposed\nto be invalidated.\n\nHowever, when non-canonical GVAs are passed, there is currently no\nfiltering in place and they are eventually passed to checked invocations of\nINVVPID on Intel / INVLPGA on AMD. While AMD\u0027s INVLPGA silently ignores\nnon-canonical addresses (effectively a no-op), Intel\u0027s INVVPID explicitly\nsignals VM-Fail and ultimately triggers the WARN_ONCE in invvpid_error():\n\n invvpid failed: ext=0x0 vpid=1 gva=0xaaaaaaaaaaaaa000\n WARNING: CPU: 6 PID: 326 at arch/x86/kvm/vmx/vmx.c:482\n invvpid_error+0x91/0xa0 [kvm_intel]\n Modules linked in: kvm_intel kvm 9pnet_virtio irqbypass fuse\n CPU: 6 UID: 0 PID: 326 Comm: kvm-vm Not tainted 6.15.0 #14 PREEMPT(voluntary)\n RIP: 0010:invvpid_error+0x91/0xa0 [kvm_intel]\n Call Trace:\n vmx_flush_tlb_gva+0x320/0x490 [kvm_intel]\n kvm_hv_vcpu_flush_tlb+0x24f/0x4f0 [kvm]\n kvm_arch_vcpu_ioctl_run+0x3013/0x5810 [kvm]\n\nHyper-V documents that invalid GVAs (those that are beyond a partition\u0027s\nGVA space) are to be ignored. While not completely clear whether this\nruling also applies to non-canonical GVAs, it is likely fine to make that\nassumption, and manual testing on Azure confirms \"real\" Hyper-V interprets\nthe specification in the same way.\n\nSkip non-canonical GVAs when processing the list of address to avoid\ntripping the INVVPID failure. Alternatively, KVM could filter out \"bad\"\nGVAs before inserting into the FIFO, but practically speaking the only\ndownside of pushing validation to the final processing is that doing so\nis suboptimal for the guest, and no well-behaved guest will request TLB\nflushes for non-canonical addresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38351",
"url": "https://www.suse.com/security/cve/CVE-2025-38351"
},
{
"category": "external",
"summary": "SUSE Bug 1246782 for CVE-2025-38351",
"url": "https://bugzilla.suse.com/1246782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38351"
},
{
"cve": "CVE-2025-38402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: return 0 size for RSS key if not supported\n\nReturning -EOPNOTSUPP from function returning u32 is leading to\ncast and invalid size value as a result.\n\n-EOPNOTSUPP as a size probably will lead to allocation fail.\n\nCommand: ethtool -x eth0\nIt is visible on all devices that don\u0027t have RSS caps set.\n\n[ 136.615917] Call Trace:\n[ 136.615921] \u003cTASK\u003e\n[ 136.615927] ? __warn+0x89/0x130\n[ 136.615942] ? __alloc_frozen_pages_noprof+0x322/0x330\n[ 136.615953] ? report_bug+0x164/0x190\n[ 136.615968] ? handle_bug+0x58/0x90\n[ 136.615979] ? exc_invalid_op+0x17/0x70\n[ 136.615987] ? asm_exc_invalid_op+0x1a/0x20\n[ 136.616001] ? rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616016] ? __alloc_frozen_pages_noprof+0x322/0x330\n[ 136.616028] __alloc_pages_noprof+0xe/0x20\n[ 136.616038] ___kmalloc_large_node+0x80/0x110\n[ 136.616072] __kmalloc_large_node_noprof+0x1d/0xa0\n[ 136.616081] __kmalloc_noprof+0x32c/0x4c0\n[ 136.616098] ? rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616105] rss_prepare_get.constprop.0+0xb9/0x170\n[ 136.616114] ethnl_default_doit+0x107/0x3d0\n[ 136.616131] genl_family_rcv_msg_doit+0x100/0x160\n[ 136.616147] genl_rcv_msg+0x1b8/0x2c0\n[ 136.616156] ? __pfx_ethnl_default_doit+0x10/0x10\n[ 136.616168] ? __pfx_genl_rcv_msg+0x10/0x10\n[ 136.616176] netlink_rcv_skb+0x58/0x110\n[ 136.616186] genl_rcv+0x28/0x40\n[ 136.616195] netlink_unicast+0x19b/0x290\n[ 136.616206] netlink_sendmsg+0x222/0x490\n[ 136.616215] __sys_sendto+0x1fd/0x210\n[ 136.616233] __x64_sys_sendto+0x24/0x30\n[ 136.616242] do_syscall_64+0x82/0x160\n[ 136.616252] ? __sys_recvmsg+0x83/0xe0\n[ 136.616265] ? syscall_exit_to_user_mode+0x10/0x210\n[ 136.616275] ? do_syscall_64+0x8e/0x160\n[ 136.616282] ? __count_memcg_events+0xa1/0x130\n[ 136.616295] ? count_memcg_events.constprop.0+0x1a/0x30\n[ 136.616306] ? handle_mm_fault+0xae/0x2d0\n[ 136.616319] ? do_user_addr_fault+0x379/0x670\n[ 136.616328] ? clear_bhb_loop+0x45/0xa0\n[ 136.616340] ? clear_bhb_loop+0x45/0xa0\n[ 136.616349] ? clear_bhb_loop+0x45/0xa0\n[ 136.616359] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 136.616369] RIP: 0033:0x7fd30ba7b047\n[ 136.616376] Code: 0c 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d bd d5 0c 00 00 41 89 ca 74 10 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 71 c3 55 48 83 ec 30 44 89 4c 24 2c 4c 89 44\n[ 136.616381] RSP: 002b:00007ffde1796d68 EFLAGS: 00000202 ORIG_RAX: 000000000000002c\n[ 136.616388] RAX: ffffffffffffffda RBX: 000055d7bd89f2a0 RCX: 00007fd30ba7b047\n[ 136.616392] RDX: 0000000000000028 RSI: 000055d7bd89f3b0 RDI: 0000000000000003\n[ 136.616396] RBP: 00007ffde1796e10 R08: 00007fd30bb4e200 R09: 000000000000000c\n[ 136.616399] R10: 0000000000000000 R11: 0000000000000202 R12: 000055d7bd89f340\n[ 136.616403] R13: 000055d7bd89f3b0 R14: 000055d78943f200 R15: 0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38402",
"url": "https://www.suse.com/security/cve/CVE-2025-38402"
},
{
"category": "external",
"summary": "SUSE Bug 1247262 for CVE-2025-38402",
"url": "https://bugzilla.suse.com/1247262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38402"
},
{
"cve": "CVE-2025-38408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/irq_sim: Initialize work context pointers properly\n\nInitialize `ops` member\u0027s pointers properly by using kzalloc() instead of\nkmalloc() when allocating the simulation work context. Otherwise the\npointers contain random content leading to invalid dereferencing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38408",
"url": "https://www.suse.com/security/cve/CVE-2025-38408"
},
{
"category": "external",
"summary": "SUSE Bug 1247126 for CVE-2025-38408",
"url": "https://bugzilla.suse.com/1247126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38408"
},
{
"cve": "CVE-2025-38418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Release rproc-\u003eclean_table after rproc_attach() fails\n\nWhen rproc-\u003estate = RPROC_DETACHED is attached to remote processor\nthrough rproc_attach(), if rproc_handle_resources() returns failure,\nthen the clean table should be released, otherwise the following\nmemory leak will occur.\n\nunreferenced object 0xffff000086a99800 (size 1024):\ncomm \"kworker/u12:3\", pid 59, jiffies 4294893670 (age 121.140s)\nhex dump (first 32 bytes):\n00 00 00 00 00 80 00 00 00 00 00 00 00 00 10 00 ............\n00 00 00 00 00 00 08 00 00 00 00 00 00 00 00 00 ............\nbacktrace:\n [\u003c000000008bbe4ca8\u003e] slab_post_alloc_hook+0x98/0x3fc\n [\u003c000000003b8a272b\u003e] __kmem_cache_alloc_node+0x13c/0x230\n [\u003c000000007a507c51\u003e] __kmalloc_node_track_caller+0x5c/0x260\n [\u003c0000000037818dae\u003e] kmemdup+0x34/0x60\n [\u003c00000000610f7f57\u003e] rproc_boot+0x35c/0x56c\n [\u003c0000000065f8871a\u003e] rproc_add+0x124/0x17c\n [\u003c00000000497416ee\u003e] imx_rproc_probe+0x4ec/0x5d4\n [\u003c000000003bcaa37d\u003e] platform_probe+0x68/0xd8\n [\u003c00000000771577f9\u003e] really_probe+0x110/0x27c\n [\u003c00000000531fea59\u003e] __driver_probe_device+0x78/0x12c\n [\u003c0000000080036a04\u003e] driver_probe_device+0x3c/0x118\n [\u003c000000007e0bddcb\u003e] __device_attach_driver+0xb8/0xf8\n [\u003c000000000cf1fa33\u003e] bus_for_each_drv+0x84/0xe4\n [\u003c000000001a53b53e\u003e] __device_attach+0xfc/0x18c\n [\u003c00000000d1a2a32c\u003e] device_initial_probe+0x14/0x20\n [\u003c00000000d8f8b7ae\u003e] bus_probe_device+0xb0/0xb4\n unreferenced object 0xffff0000864c9690 (size 16):",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38418",
"url": "https://www.suse.com/security/cve/CVE-2025-38418"
},
{
"category": "external",
"summary": "SUSE Bug 1247137 for CVE-2025-38418",
"url": "https://bugzilla.suse.com/1247137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38418"
},
{
"cve": "CVE-2025-38419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach()\n\nWhen rproc-\u003estate = RPROC_DETACHED and rproc_attach() is used\nto attach to the remote processor, if rproc_handle_resources()\nreturns a failure, the resources allocated by imx_rproc_prepare()\nshould be released, otherwise the following memory leak will occur.\n\nSince almost the same thing is done in imx_rproc_prepare() and\nrproc_resource_cleanup(), Function rproc_resource_cleanup() is able\nto deal with empty lists so it is better to fix the \"goto\" statements\nin rproc_attach(). replace the \"unprepare_device\" goto statement with\n\"clean_up_resources\" and get rid of the \"unprepare_device\" label.\n\nunreferenced object 0xffff0000861c5d00 (size 128):\ncomm \"kworker/u12:3\", pid 59, jiffies 4294893509 (age 149.220s)\nhex dump (first 32 bytes):\n00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n00 00 02 88 00 00 00 00 00 00 10 00 00 00 00 00 ............\nbacktrace:\n [\u003c00000000f949fe18\u003e] slab_post_alloc_hook+0x98/0x37c\n [\u003c00000000adbfb3e7\u003e] __kmem_cache_alloc_node+0x138/0x2e0\n [\u003c00000000521c0345\u003e] kmalloc_trace+0x40/0x158\n [\u003c000000004e330a49\u003e] rproc_mem_entry_init+0x60/0xf8\n [\u003c000000002815755e\u003e] imx_rproc_prepare+0xe0/0x180\n [\u003c0000000003f61b4e\u003e] rproc_boot+0x2ec/0x528\n [\u003c00000000e7e994ac\u003e] rproc_add+0x124/0x17c\n [\u003c0000000048594076\u003e] imx_rproc_probe+0x4ec/0x5d4\n [\u003c00000000efc298a1\u003e] platform_probe+0x68/0xd8\n [\u003c00000000110be6fe\u003e] really_probe+0x110/0x27c\n [\u003c00000000e245c0ae\u003e] __driver_probe_device+0x78/0x12c\n [\u003c00000000f61f6f5e\u003e] driver_probe_device+0x3c/0x118\n [\u003c00000000a7874938\u003e] __device_attach_driver+0xb8/0xf8\n [\u003c0000000065319e69\u003e] bus_for_each_drv+0x84/0xe4\n [\u003c00000000db3eb243\u003e] __device_attach+0xfc/0x18c\n [\u003c0000000072e4e1a4\u003e] device_initial_probe+0x14/0x20",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38419",
"url": "https://www.suse.com/security/cve/CVE-2025-38419"
},
{
"category": "external",
"summary": "SUSE Bug 1247136 for CVE-2025-38419",
"url": "https://bugzilla.suse.com/1247136"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38419"
},
{
"cve": "CVE-2025-38456",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38456"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi:msghandler: Fix potential memory corruption in ipmi_create_user()\n\nThe \"intf\" list iterator is an invalid pointer if the correct\n\"intf-\u003eintf_num\" is not found. Calling atomic_dec(\u0026intf-\u003enr_users) on\nand invalid pointer will lead to memory corruption.\n\nWe don\u0027t really need to call atomic_dec() if we haven\u0027t called\natomic_add_return() so update the if (intf-\u003ein_shutdown) path as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38456",
"url": "https://www.suse.com/security/cve/CVE-2025-38456"
},
{
"category": "external",
"summary": "SUSE Bug 1247099 for CVE-2025-38456",
"url": "https://bugzilla.suse.com/1247099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38456"
},
{
"cve": "CVE-2025-38466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: Revert to requiring CAP_SYS_ADMIN for uprobes\n\nJann reports that uprobes can be used destructively when used in the\nmiddle of an instruction. The kernel only verifies there is a valid\ninstruction at the requested offset, but due to variable instruction\nlength cannot determine if this is an instruction as seen by the\nintended execution stream.\n\nAdditionally, Mark Rutland notes that on architectures that mix data\nin the text segment (like arm64), a similar things can be done if the\ndata word is \u0027mistaken\u0027 for an instruction.\n\nAs such, require CAP_SYS_ADMIN for uprobes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38466",
"url": "https://www.suse.com/security/cve/CVE-2025-38466"
},
{
"category": "external",
"summary": "SUSE Bug 1247442 for CVE-2025-38466",
"url": "https://bugzilla.suse.com/1247442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38466"
},
{
"cve": "CVE-2025-38488",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38488"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in crypt_message when using async crypto\n\nThe CVE-2024-50047 fix removed asynchronous crypto handling from\ncrypt_message(), assuming all crypto operations are synchronous.\nHowever, when hardware crypto accelerators are used, this can cause\nuse-after-free crashes:\n\n crypt_message()\n // Allocate the creq buffer containing the req\n creq = smb2_get_aead_req(..., \u0026req);\n\n // Async encryption returns -EINPROGRESS immediately\n rc = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);\n\n // Free creq while async operation is still in progress\n kvfree_sensitive(creq, ...);\n\nHardware crypto modules often implement async AEAD operations for\nperformance. When crypto_aead_encrypt/decrypt() returns -EINPROGRESS,\nthe operation completes asynchronously. Without crypto_wait_req(),\nthe function immediately frees the request buffer, leading to crashes\nwhen the driver later accesses the freed memory.\n\nThis results in a use-after-free condition when the hardware crypto\ndriver later accesses the freed request structure, leading to kernel\ncrashes with NULL pointer dereferences.\n\nThe issue occurs because crypto_alloc_aead() with mask=0 doesn\u0027t\nguarantee synchronous operation. Even without CRYPTO_ALG_ASYNC in\nthe mask, async implementations can be selected.\n\nFix by restoring the async crypto handling:\n- DECLARE_CRYPTO_WAIT(wait) for completion tracking\n- aead_request_set_callback() for async completion notification\n- crypto_wait_req() to wait for operation completion\n\nThis ensures the request buffer isn\u0027t freed until the crypto operation\ncompletes, whether synchronous or asynchronous, while preserving the\nCVE-2024-50047 fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38488",
"url": "https://www.suse.com/security/cve/CVE-2025-38488"
},
{
"category": "external",
"summary": "SUSE Bug 1247239 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247239"
},
{
"category": "external",
"summary": "SUSE Bug 1247240 for CVE-2025-38488",
"url": "https://bugzilla.suse.com/1247240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-38488"
},
{
"cve": "CVE-2025-38514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38514"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix oops due to non-existence of prealloc backlog struct\n\nIf an AF_RXRPC service socket is opened and bound, but calls are\npreallocated, then rxrpc_alloc_incoming_call() will oops because the\nrxrpc_backlog struct doesn\u0027t get allocated until the first preallocation is\nmade.\n\nFix this by returning NULL from rxrpc_alloc_incoming_call() if there is no\nbacklog struct. This will cause the incoming call to be aborted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38514",
"url": "https://www.suse.com/security/cve/CVE-2025-38514"
},
{
"category": "external",
"summary": "SUSE Bug 1248202 for CVE-2025-38514",
"url": "https://bugzilla.suse.com/1248202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38514"
},
{
"cve": "CVE-2025-38526",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38526"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: add NULL check in eswitch lag check\n\nThe function ice_lag_is_switchdev_running() is being called from outside of\nthe LAG event handler code. This results in the lag-\u003eupper_netdev being\nNULL sometimes. To avoid a NULL-pointer dereference, there needs to be a\ncheck before it is dereferenced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38526",
"url": "https://www.suse.com/security/cve/CVE-2025-38526"
},
{
"category": "external",
"summary": "SUSE Bug 1248192 for CVE-2025-38526",
"url": "https://bugzilla.suse.com/1248192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38526"
},
{
"cve": "CVE-2025-38527",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38527"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in cifs_oplock_break\n\nA race condition can occur in cifs_oplock_break() leading to a\nuse-after-free of the cinode structure when unmounting:\n\n cifs_oplock_break()\n _cifsFileInfo_put(cfile)\n cifsFileInfo_put_final()\n cifs_sb_deactive()\n [last ref, start releasing sb]\n kill_sb()\n kill_anon_super()\n generic_shutdown_super()\n evict_inodes()\n dispose_list()\n evict()\n destroy_inode()\n call_rcu(\u0026inode-\u003ei_rcu, i_callback)\n spin_lock(\u0026cinode-\u003eopen_file_lock) \u003c- OK\n [later] i_callback()\n cifs_free_inode()\n kmem_cache_free(cinode)\n spin_unlock(\u0026cinode-\u003eopen_file_lock) \u003c- UAF\n cifs_done_oplock_break(cinode) \u003c- UAF\n\nThe issue occurs when umount has already released its reference to the\nsuperblock. When _cifsFileInfo_put() calls cifs_sb_deactive(), this\nreleases the last reference, triggering the immediate cleanup of all\ninodes under RCU. However, cifs_oplock_break() continues to access the\ncinode after this point, resulting in use-after-free.\n\nFix this by holding an extra reference to the superblock during the\nentire oplock break operation. This ensures that the superblock and\nits inodes remain valid until the oplock break completes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38527",
"url": "https://www.suse.com/security/cve/CVE-2025-38527"
},
{
"category": "external",
"summary": "SUSE Bug 1248199 for CVE-2025-38527",
"url": "https://bugzilla.suse.com/1248199"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38527"
},
{
"cve": "CVE-2025-38533",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38533"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: libwx: fix the using of Rx buffer DMA\n\nThe wx_rx_buffer structure contained two DMA address fields: \u0027dma\u0027 and\n\u0027page_dma\u0027. However, only \u0027page_dma\u0027 was actually initialized and used\nto program the Rx descriptor. But \u0027dma\u0027 was uninitialized and used in\nsome paths.\n\nThis could lead to undefined behavior, including DMA errors or\nuse-after-free, if the uninitialized \u0027dma\u0027 was used. Althrough such\nerror has not yet occurred, it is worth fixing in the code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38533",
"url": "https://www.suse.com/security/cve/CVE-2025-38533"
},
{
"category": "external",
"summary": "SUSE Bug 1248200 for CVE-2025-38533",
"url": "https://bugzilla.suse.com/1248200"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38533"
},
{
"cve": "CVE-2025-38544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrxrpc: Fix bug due to prealloc collision\n\nWhen userspace is using AF_RXRPC to provide a server, it has to preallocate\nincoming calls and assign to them call IDs that will be used to thread\nrelated recvmsg() and sendmsg() together. The preallocated call IDs will\nautomatically be attached to calls as they come in until the pool is empty.\n\nTo the kernel, the call IDs are just arbitrary numbers, but userspace can\nuse the call ID to hold a pointer to prepared structs. In any case, the\nuser isn\u0027t permitted to create two calls with the same call ID (call IDs\nbecome available again when the call ends) and EBADSLT should result from\nsendmsg() if an attempt is made to preallocate a call with an in-use call\nID.\n\nHowever, the cleanup in the error handling will trigger both assertions in\nrxrpc_cleanup_call() because the call isn\u0027t marked complete and isn\u0027t\nmarked as having been released.\n\nFix this by setting the call state in rxrpc_service_prealloc_one() and then\nmarking it as being released before calling the cleanup function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38544",
"url": "https://www.suse.com/security/cve/CVE-2025-38544"
},
{
"category": "external",
"summary": "SUSE Bug 1248225 for CVE-2025-38544",
"url": "https://bugzilla.suse.com/1248225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38544"
},
{
"cve": "CVE-2025-38556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: core: Harden s32ton() against conversion to 0 bits\n\nTesting by the syzbot fuzzer showed that the HID core gets a\nshift-out-of-bounds exception when it tries to convert a 32-bit\nquantity to a 0-bit quantity. Ideally this should never occur, but\nthere are buggy devices and some might have a report field with size\nset to zero; we shouldn\u0027t reject the report or the device just because\nof that.\n\nInstead, harden the s32ton() routine so that it returns a reasonable\nresult instead of crashing when it is called with the number of bits\nset to 0 -- the same as what snto32() does.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38556",
"url": "https://www.suse.com/security/cve/CVE-2025-38556"
},
{
"category": "external",
"summary": "SUSE Bug 1248296 for CVE-2025-38556",
"url": "https://bugzilla.suse.com/1248296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38556"
},
{
"cve": "CVE-2025-38574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38574"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npptp: ensure minimal skb length in pptp_xmit()\n\nCommit aabc6596ffb3 (\"net: ppp: Add bound checking for skb data\non ppp_sync_txmung\") fixed ppp_sync_txmunge()\n\nWe need a similar fix in pptp_xmit(), otherwise we might\nread uninit data as reported by syzbot.\n\nBUG: KMSAN: uninit-value in pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n pptp_xmit+0xc34/0x2720 drivers/net/ppp/pptp.c:193\n ppp_channel_bridge_input drivers/net/ppp/ppp_generic.c:2290 [inline]\n ppp_input+0x1d6/0xe60 drivers/net/ppp/ppp_generic.c:2314\n pppoe_rcv_core+0x1e8/0x760 drivers/net/ppp/pppoe.c:379\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n pppoe_sendmsg+0x15d/0xcb0 drivers/net/ppp/pppoe.c:904\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x330/0x3d0 net/socket.c:727\n ____sys_sendmsg+0x893/0xd80 net/socket.c:2566\n ___sys_sendmsg+0x271/0x3b0 net/socket.c:2620\n __sys_sendmmsg+0x2d9/0x7c0 net/socket.c:2709",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38574",
"url": "https://www.suse.com/security/cve/CVE-2025-38574"
},
{
"category": "external",
"summary": "SUSE Bug 1248365 for CVE-2025-38574",
"url": "https://bugzilla.suse.com/1248365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38574"
},
{
"cve": "CVE-2025-38584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38584"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix pd UAF once and for all\n\nThere is a race condition/UAF in padata_reorder that goes back\nto the initial commit. A reference count is taken at the start\nof the process in padata_do_parallel, and released at the end in\npadata_serial_worker.\n\nThis reference count is (and only is) required for padata_replace\nto function correctly. If padata_replace is never called then\nthere is no issue.\n\nIn the function padata_reorder which serves as the core of padata,\nas soon as padata is added to queue-\u003eserial.list, and the associated\nspin lock released, that padata may be processed and the reference\ncount on pd would go away.\n\nFix this by getting the next padata before the squeue-\u003eserial lock\nis released.\n\nIn order to make this possible, simplify padata_reorder by only\ncalling it once the next padata arrives.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38584",
"url": "https://www.suse.com/security/cve/CVE-2025-38584"
},
{
"category": "external",
"summary": "SUSE Bug 1248343 for CVE-2025-38584",
"url": "https://bugzilla.suse.com/1248343"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38584"
},
{
"cve": "CVE-2025-38590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Remove skb secpath if xfrm state is not found\n\nHardware returns a unique identifier for a decrypted packet\u0027s xfrm\nstate, this state is looked up in an xarray. However, the state might\nhave been freed by the time of this lookup.\n\nCurrently, if the state is not found, only a counter is incremented.\nThe secpath (sp) extension on the skb is not removed, resulting in\nsp-\u003elen becoming 0.\n\nSubsequently, functions like __xfrm_policy_check() attempt to access\nfields such as xfrm_input_state(skb)-\u003exso.type (which dereferences\nsp-\u003exvec[sp-\u003elen - 1]) without first validating sp-\u003elen. This leads to\na crash when dereferencing an invalid state pointer.\n\nThis patch prevents the crash by explicitly removing the secpath\nextension from the skb if the xfrm state is not found after hardware\ndecryption. This ensures downstream functions do not operate on a\nzero-length secpath.\n\n BUG: unable to handle page fault for address: ffffffff000002c8\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 282e067 P4D 282e067 PUD 0\n Oops: Oops: 0000 [#1] SMP\n CPU: 12 UID: 0 PID: 0 Comm: swapper/12 Not tainted 6.15.0-rc7_for_upstream_min_debug_2025_05_27_22_44 #1 NONE\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n RIP: 0010:__xfrm_policy_check+0x61a/0xa30\n Code: b6 77 7f 83 e6 02 74 14 4d 8b af d8 00 00 00 41 0f b6 45 05 c1 e0 03 48 98 49 01 c5 41 8b 45 00 83 e8 01 48 98 49 8b 44 c5 10 \u003c0f\u003e b6 80 c8 02 00 00 83 e0 0c 3c 04 0f 84 0c 02 00 00 31 ff 80 fa\n RSP: 0018:ffff88885fb04918 EFLAGS: 00010297\n RAX: ffffffff00000000 RBX: 0000000000000002 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: 0000000000000002 RDI: 0000000000000000\n RBP: ffffffff8311af80 R08: 0000000000000020 R09: 00000000c2eda353\n R10: ffff88812be2bbc8 R11: 000000001faab533 R12: ffff88885fb049c8\n R13: ffff88812be2bbc8 R14: 0000000000000000 R15: ffff88811896ae00\n FS: 0000000000000000(0000) GS:ffff8888dca82000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffffffff000002c8 CR3: 0000000243050002 CR4: 0000000000372eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n ? try_to_wake_up+0x108/0x4c0\n ? udp4_lib_lookup2+0xbe/0x150\n ? udp_lib_lport_inuse+0x100/0x100\n ? __udp4_lib_lookup+0x2b0/0x410\n __xfrm_policy_check2.constprop.0+0x11e/0x130\n udp_queue_rcv_one_skb+0x1d/0x530\n udp_unicast_rcv_skb+0x76/0x90\n __udp4_lib_rcv+0xa64/0xe90\n ip_protocol_deliver_rcu+0x20/0x130\n ip_local_deliver_finish+0x75/0xa0\n ip_local_deliver+0xc1/0xd0\n ? ip_protocol_deliver_rcu+0x130/0x130\n ip_sublist_rcv+0x1f9/0x240\n ? ip_rcv_finish_core+0x430/0x430\n ip_list_rcv+0xfc/0x130\n __netif_receive_skb_list_core+0x181/0x1e0\n netif_receive_skb_list_internal+0x200/0x360\n ? mlx5e_build_rx_skb+0x1bc/0xda0 [mlx5_core]\n gro_receive_skb+0xfd/0x210\n mlx5e_handle_rx_cqe_mpwrq+0x141/0x280 [mlx5_core]\n mlx5e_poll_rx_cq+0xcc/0x8e0 [mlx5_core]\n ? mlx5e_handle_rx_dim+0x91/0xd0 [mlx5_core]\n mlx5e_napi_poll+0x114/0xab0 [mlx5_core]\n __napi_poll+0x25/0x170\n net_rx_action+0x32d/0x3a0\n ? mlx5_eq_comp_int+0x8d/0x280 [mlx5_core]\n ? notifier_call_chain+0x33/0xa0\n handle_softirqs+0xda/0x250\n irq_exit_rcu+0x6d/0xc0\n common_interrupt+0x81/0xa0\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38590",
"url": "https://www.suse.com/security/cve/CVE-2025-38590"
},
{
"category": "external",
"summary": "SUSE Bug 1248360 for CVE-2025-38590",
"url": "https://bugzilla.suse.com/1248360"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38590"
},
{
"cve": "CVE-2025-38593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38593"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: fix double free in \u0027hci_discovery_filter_clear()\u0027\n\nFunction \u0027hci_discovery_filter_clear()\u0027 frees \u0027uuids\u0027 array and then\nsets it to NULL. There is a tiny chance of the following race:\n\n\u0027hci_cmd_sync_work()\u0027\n\n \u0027update_passive_scan_sync()\u0027\n\n \u0027hci_update_passive_scan_sync()\u0027\n\n \u0027hci_discovery_filter_clear()\u0027\n kfree(uuids);\n\n \u003c-------------------------preempted--------------------------------\u003e\n \u0027start_service_discovery()\u0027\n\n \u0027hci_discovery_filter_clear()\u0027\n kfree(uuids); // DOUBLE FREE\n\n \u003c-------------------------preempted--------------------------------\u003e\n\n uuids = NULL;\n\nTo fix it let\u0027s add locking around \u0027kfree()\u0027 call and NULL pointer\nassignment. Otherwise the following backtrace fires:\n\n[ ] ------------[ cut here ]------------\n[ ] kernel BUG at mm/slub.c:547!\n[ ] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\n[ ] CPU: 3 UID: 0 PID: 246 Comm: bluetoothd Tainted: G O 6.12.19-kernel #1\n[ ] Tainted: [O]=OOT_MODULE\n[ ] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ ] pc : __slab_free+0xf8/0x348\n[ ] lr : __slab_free+0x48/0x348\n...\n[ ] Call trace:\n[ ] __slab_free+0xf8/0x348\n[ ] kfree+0x164/0x27c\n[ ] start_service_discovery+0x1d0/0x2c0\n[ ] hci_sock_sendmsg+0x518/0x924\n[ ] __sock_sendmsg+0x54/0x60\n[ ] sock_write_iter+0x98/0xf8\n[ ] do_iter_readv_writev+0xe4/0x1c8\n[ ] vfs_writev+0x128/0x2b0\n[ ] do_writev+0xfc/0x118\n[ ] __arm64_sys_writev+0x20/0x2c\n[ ] invoke_syscall+0x68/0xf0\n[ ] el0_svc_common.constprop.0+0x40/0xe0\n[ ] do_el0_svc+0x1c/0x28\n[ ] el0_svc+0x30/0xd0\n[ ] el0t_64_sync_handler+0x100/0x12c\n[ ] el0t_64_sync+0x194/0x198\n[ ] Code: 8b0002e6 eb17031f 54fffbe1 d503201f (d4210000)\n[ ] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38593",
"url": "https://www.suse.com/security/cve/CVE-2025-38593"
},
{
"category": "external",
"summary": "SUSE Bug 1248357 for CVE-2025-38593",
"url": "https://bugzilla.suse.com/1248357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38593"
},
{
"cve": "CVE-2025-38595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen: fix UAF in dmabuf_exp_from_pages()\n\n[dma_buf_fd() fixes; no preferences regarding the tree it goes through -\nup to xen folks]\n\nAs soon as we\u0027d inserted a file reference into descriptor table, another\nthread could close it. That\u0027s fine for the case when all we are doing is\nreturning that descriptor to userland (it\u0027s a race, but it\u0027s a userland\nrace and there\u0027s nothing the kernel can do about it). However, if we\nfollow fd_install() with any kind of access to objects that would be\ndestroyed on close (be it the struct file itself or anything destroyed\nby its -\u003erelease()), we have a UAF.\n\ndma_buf_fd() is a combination of reserving a descriptor and fd_install().\ngntdev dmabuf_exp_from_pages() calls it and then proceeds to access the\nobjects destroyed on close - starting with gntdev_dmabuf itself.\n\nFix that by doing reserving descriptor before anything else and do\nfd_install() only when everything had been set up.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38595",
"url": "https://www.suse.com/security/cve/CVE-2025-38595"
},
{
"category": "external",
"summary": "SUSE Bug 1248380 for CVE-2025-38595",
"url": "https://bugzilla.suse.com/1248380"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38595"
},
{
"cve": "CVE-2025-38597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port\n\nEach window of a vop2 is usable by a specific set of video ports, so while\nbinding the vop2, we look through the list of available windows trying to\nfind one designated as primary-plane and usable by that specific port.\n\nThe code later wants to use drm_crtc_init_with_planes with that found\nprimary plane, but nothing has checked so far if a primary plane was\nactually found.\n\nFor whatever reason, the rk3576 vp2 does not have a usable primary window\n(if vp0 is also in use) which brought the issue to light and ended in a\nnull-pointer dereference further down.\n\nAs we expect a primary-plane to exist for a video-port, add a check at\nthe end of the window-iteration and fail probing if none was found.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38597",
"url": "https://www.suse.com/security/cve/CVE-2025-38597"
},
{
"category": "external",
"summary": "SUSE Bug 1248378 for CVE-2025-38597",
"url": "https://bugzilla.suse.com/1248378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38597"
},
{
"cve": "CVE-2025-38605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type()\n\nIn ath12k_dp_tx_get_encap_type(), the arvif parameter is only used to\nretrieve the ab pointer. In vdev delete sequence the arvif-\u003ear could\nbecome NULL and that would trigger kernel panic.\nSince the caller ath12k_dp_tx() already has a valid ab pointer, pass it\ndirectly to avoid panic and unnecessary dereferencing.\n\nPC points to \"ath12k_dp_tx+0x228/0x988 [ath12k]\"\nLR points to \"ath12k_dp_tx+0xc8/0x988 [ath12k]\".\nThe Backtrace obtained is as follows:\nath12k_dp_tx+0x228/0x988 [ath12k]\nath12k_mac_tx_check_max_limit+0x608/0x920 [ath12k]\nieee80211_process_measurement_req+0x320/0x348 [mac80211]\nieee80211_tx_dequeue+0x9ac/0x1518 [mac80211]\nieee80211_tx_dequeue+0xb14/0x1518 [mac80211]\nieee80211_tx_prepare_skb+0x224/0x254 [mac80211]\nieee80211_xmit+0xec/0x100 [mac80211]\n__ieee80211_subif_start_xmit+0xc50/0xf40 [mac80211]\nieee80211_subif_start_xmit+0x2e8/0x308 [mac80211]\nnetdev_start_xmit+0x150/0x18c\ndev_hard_start_xmit+0x74/0xc0\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.3.1-00173-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38605",
"url": "https://www.suse.com/security/cve/CVE-2025-38605"
},
{
"category": "external",
"summary": "SUSE Bug 1248334 for CVE-2025-38605",
"url": "https://bugzilla.suse.com/1248334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38605"
},
{
"cve": "CVE-2025-38614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: Fix semi-unbounded recursion\n\nEnsure that epoll instances can never form a graph deeper than\nEP_MAX_NESTS+1 links.\n\nCurrently, ep_loop_check_proc() ensures that the graph is loop-free and\ndoes some recursion depth checks, but those recursion depth checks don\u0027t\nlimit the depth of the resulting tree for two reasons:\n\n - They don\u0027t look upwards in the tree.\n - If there are multiple downwards paths of different lengths, only one of\n the paths is actually considered for the depth check since commit\n 28d82dc1c4ed (\"epoll: limit paths\").\n\nEssentially, the current recursion depth check in ep_loop_check_proc() just\nserves to prevent it from recursing too deeply while checking for loops.\n\nA more thorough check is done in reverse_path_check() after the new graph\nedge has already been created; this checks, among other things, that no\npaths going upwards from any non-epoll file with a length of more than 5\nedges exist. However, this check does not apply to non-epoll files.\n\nAs a result, it is possible to recurse to a depth of at least roughly 500,\ntested on v6.15. (I am unsure if deeper recursion is possible; and this may\nhave changed with commit 8c44dac8add7 (\"eventpoll: Fix priority inversion\nproblem\").)\n\nTo fix it:\n\n1. In ep_loop_check_proc(), note the subtree depth of each visited node,\nand use subtree depths for the total depth calculation even when a subtree\nhas already been visited.\n2. Add ep_get_upwards_depth_proc() for similarly determining the maximum\ndepth of an upwards walk.\n3. In ep_loop_check(), use these values to limit the total path length\nbetween epoll nodes to EP_MAX_NESTS edges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38614",
"url": "https://www.suse.com/security/cve/CVE-2025-38614"
},
{
"category": "external",
"summary": "SUSE Bug 1248392 for CVE-2025-38614",
"url": "https://bugzilla.suse.com/1248392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38614"
},
{
"cve": "CVE-2025-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: handle data disappearing from under the TLS ULP\n\nTLS expects that it owns the receive queue of the TCP socket.\nThis cannot be guaranteed in case the reader of the TCP socket\nentered before the TLS ULP was installed, or uses some non-standard\nread API (eg. zerocopy ones). Replace the WARN_ON() and a buggy\nearly exit (which leaves anchor pointing to a freed skb) with real\nerror handling. Wipe the parsing state and tell the reader to retry.\n\nWe already reload the anchor every time we (re)acquire the socket lock,\nso the only condition we need to avoid is an out of bounds read\n(not having enough bytes in the socket for previously parsed record len).\n\nIf some data was read from under TLS but there\u0027s enough in the queue\nwe\u0027ll reload and decrypt what is most likely not a valid TLS record.\nLeading to some undefined behavior from TLS perspective (corrupting\na stream? missing an alert? missing an attack?) but no kernel crash\nshould take place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38616",
"url": "https://www.suse.com/security/cve/CVE-2025-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1248512 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1248512"
},
{
"category": "external",
"summary": "SUSE Bug 1249537 for CVE-2025-38616",
"url": "https://bugzilla.suse.com/1249537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-38616"
},
{
"cve": "CVE-2025-38622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: drop UFO packets in udp_rcv_segment()\n\nWhen sending a packet with virtio_net_hdr to tun device, if the gso_type\nin virtio_net_hdr is SKB_GSO_UDP and the gso_size is less than udphdr\nsize, below crash may happen.\n\n ------------[ cut here ]------------\n kernel BUG at net/core/skbuff.c:4572!\n Oops: invalid opcode: 0000 [#1] SMP NOPTI\n CPU: 0 UID: 0 PID: 62 Comm: mytest Not tainted 6.16.0-rc7 #203 PREEMPT(voluntary)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:skb_pull_rcsum+0x8e/0xa0\n Code: 00 00 5b c3 cc cc cc cc 8b 93 88 00 00 00 f7 da e8 37 44 38 00 f7 d8 89 83 88 00 00 00 48 8b 83 c8 00 00 00 5b c3 cc cc cc cc \u003c0f\u003e 0b 0f 0b 66 66 2e 0f 1f 84 00 000\n RSP: 0018:ffffc900001fba38 EFLAGS: 00000297\n RAX: 0000000000000004 RBX: ffff8880040c1000 RCX: ffffc900001fb948\n RDX: ffff888003e6d700 RSI: 0000000000000008 RDI: ffff88800411a062\n RBP: ffff8880040c1000 R08: 0000000000000000 R09: 0000000000000001\n R10: ffff888003606c00 R11: 0000000000000001 R12: 0000000000000000\n R13: ffff888004060900 R14: ffff888004050000 R15: ffff888004060900\n FS: 000000002406d3c0(0000) GS:ffff888084a19000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000020000040 CR3: 0000000004007000 CR4: 00000000000006f0\n Call Trace:\n \u003cTASK\u003e\n udp_queue_rcv_one_skb+0x176/0x4b0 net/ipv4/udp.c:2445\n udp_queue_rcv_skb+0x155/0x1f0 net/ipv4/udp.c:2475\n udp_unicast_rcv_skb+0x71/0x90 net/ipv4/udp.c:2626\n __udp4_lib_rcv+0x433/0xb00 net/ipv4/udp.c:2690\n ip_protocol_deliver_rcu+0xa6/0x160 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x72/0x90 net/ipv4/ip_input.c:233\n ip_sublist_rcv_finish+0x5f/0x70 net/ipv4/ip_input.c:579\n ip_sublist_rcv+0x122/0x1b0 net/ipv4/ip_input.c:636\n ip_list_rcv+0xf7/0x130 net/ipv4/ip_input.c:670\n __netif_receive_skb_list_core+0x21d/0x240 net/core/dev.c:6067\n netif_receive_skb_list_internal+0x186/0x2b0 net/core/dev.c:6210\n napi_complete_done+0x78/0x180 net/core/dev.c:6580\n tun_get_user+0xa63/0x1120 drivers/net/tun.c:1909\n tun_chr_write_iter+0x65/0xb0 drivers/net/tun.c:1984\n vfs_write+0x300/0x420 fs/read_write.c:593\n ksys_write+0x60/0xd0 fs/read_write.c:686\n do_syscall_64+0x50/0x1c0 arch/x86/entry/syscall_64.c:63\n \u003c/TASK\u003e\n\nTo trigger gso segment in udp_queue_rcv_skb(), we should also set option\nUDP_ENCAP_ESPINUDP to enable udp_sk(sk)-\u003eencap_rcv. When the encap_rcv\nhook return 1 in udp_queue_rcv_one_skb(), udp_csum_pull_header() will try\nto pull udphdr, but the skb size has been segmented to gso size, which\nleads to this crash.\n\nPrevious commit cf329aa42b66 (\"udp: cope with UDP GRO packet misdirection\")\nintroduces segmentation in UDP receive path only for GRO, which was never\nintended to be used for UFO, so drop UFO packets in udp_rcv_segment().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38622",
"url": "https://www.suse.com/security/cve/CVE-2025-38622"
},
{
"category": "external",
"summary": "SUSE Bug 1248619 for CVE-2025-38622",
"url": "https://bugzilla.suse.com/1248619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38622"
},
{
"cve": "CVE-2025-38623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38623"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: pnv_php: Fix surprise plug detection and recovery\n\nThe existing PowerNV hotplug code did not handle surprise plug events\ncorrectly, leading to a complete failure of the hotplug system after device\nremoval and a required reboot to detect new devices.\n\nThis comes down to two issues:\n\n 1) When a device is surprise removed, often the bridge upstream\n port will cause a PE freeze on the PHB. If this freeze is not\n cleared, the MSI interrupts from the bridge hotplug notification\n logic will not be received by the kernel, stalling all plug events\n on all slots associated with the PE.\n\n 2) When a device is removed from a slot, regardless of surprise or\n programmatic removal, the associated PHB/PE ls left frozen.\n If this freeze is not cleared via a fundamental reset, skiboot\n is unable to clear the freeze and cannot retrain / rescan the\n slot. This also requires a reboot to clear the freeze and redetect\n the device in the slot.\n\nIssue the appropriate unfreeze and rescan commands on hotplug events,\nand don\u0027t oops on hotplug if pci_bus_to_OF_node() returns NULL.\n\n[bhelgaas: tidy comments]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38623",
"url": "https://www.suse.com/security/cve/CVE-2025-38623"
},
{
"category": "external",
"summary": "SUSE Bug 1248610 for CVE-2025-38623",
"url": "https://bugzilla.suse.com/1248610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "low"
}
],
"title": "CVE-2025-38623"
},
{
"cve": "CVE-2025-38628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38628"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa/mlx5: Fix release of uninitialized resources on error path\n\nThe commit in the fixes tag made sure that mlx5_vdpa_free()\nis the single entrypoint for removing the vdpa device resources\nadded in mlx5_vdpa_dev_add(), even in the cleanup path of\nmlx5_vdpa_dev_add().\n\nThis means that all functions from mlx5_vdpa_free() should be able to\nhandle uninitialized resources. This was not the case though:\nmlx5_vdpa_destroy_mr_resources() and mlx5_cmd_cleanup_async_ctx()\nwere not able to do so. This caused the splat below when adding\na vdpa device without a MAC address.\n\nThis patch fixes these remaining issues:\n\n- Makes mlx5_vdpa_destroy_mr_resources() return early if called on\n uninitialized resources.\n\n- Moves mlx5_cmd_init_async_ctx() early on during device addition\n because it can\u0027t fail. This means that mlx5_cmd_cleanup_async_ctx()\n also can\u0027t fail. To mirror this, move the call site of\n mlx5_cmd_cleanup_async_ctx() in mlx5_vdpa_free().\n\nAn additional comment was added in mlx5_vdpa_free() to document\nthe expectations of functions called from this context.\n\nSplat:\n\n mlx5_core 0000:b5:03.2: mlx5_vdpa_dev_add:3950:(pid 2306) warning: No mac address provisioned?\n ------------[ cut here ]------------\n WARNING: CPU: 13 PID: 2306 at kernel/workqueue.c:4207 __flush_work+0x9a/0xb0\n [...]\n Call Trace:\n \u003cTASK\u003e\n ? __try_to_del_timer_sync+0x61/0x90\n ? __timer_delete_sync+0x2b/0x40\n mlx5_vdpa_destroy_mr_resources+0x1c/0x40 [mlx5_vdpa]\n mlx5_vdpa_free+0x45/0x160 [mlx5_vdpa]\n vdpa_release_dev+0x1e/0x50 [vdpa]\n device_release+0x31/0x90\n kobject_cleanup+0x37/0x130\n mlx5_vdpa_dev_add+0x327/0x890 [mlx5_vdpa]\n vdpa_nl_cmd_dev_add_set_doit+0x2c1/0x4d0 [vdpa]\n genl_family_rcv_msg_doit+0xd8/0x130\n genl_family_rcv_msg+0x14b/0x220\n ? __pfx_vdpa_nl_cmd_dev_add_set_doit+0x10/0x10 [vdpa]\n genl_rcv_msg+0x47/0xa0\n ? __pfx_genl_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x53/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x27b/0x3b0\n netlink_sendmsg+0x1f7/0x430\n __sys_sendto+0x1fa/0x210\n ? ___pte_offset_map+0x17/0x160\n ? next_uptodate_folio+0x85/0x2b0\n ? percpu_counter_add_batch+0x51/0x90\n ? filemap_map_pages+0x515/0x660\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x7b/0x2c0\n ? do_read_fault+0x108/0x220\n ? do_pte_missing+0x14a/0x3e0\n ? __handle_mm_fault+0x321/0x730\n ? count_memcg_events+0x13f/0x180\n ? handle_mm_fault+0x1fb/0x2d0\n ? do_user_addr_fault+0x20c/0x700\n ? syscall_exit_work+0x104/0x140\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f0c25b0feca\n [...]\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38628",
"url": "https://www.suse.com/security/cve/CVE-2025-38628"
},
{
"category": "external",
"summary": "SUSE Bug 1248616 for CVE-2025-38628",
"url": "https://bugzilla.suse.com/1248616"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38628"
},
{
"cve": "CVE-2025-38639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38639"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_nfacct: don\u0027t assume acct name is null-terminated\n\nBUG: KASAN: slab-out-of-bounds in .. lib/vsprintf.c:721\nRead of size 1 at addr ffff88801eac95c8 by task syz-executor183/5851\n[..]\n string+0x231/0x2b0 lib/vsprintf.c:721\n vsnprintf+0x739/0xf00 lib/vsprintf.c:2874\n [..]\n nfacct_mt_checkentry+0xd2/0xe0 net/netfilter/xt_nfacct.c:41\n xt_check_match+0x3d1/0xab0 net/netfilter/x_tables.c:523\n\nnfnl_acct_find_get() handles non-null input, but the error\nprintk relied on its presence.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38639",
"url": "https://www.suse.com/security/cve/CVE-2025-38639"
},
{
"category": "external",
"summary": "SUSE Bug 1248674 for CVE-2025-38639",
"url": "https://bugzilla.suse.com/1248674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38639"
},
{
"cve": "CVE-2025-38640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Disable migration in nf_hook_run_bpf().\n\nsyzbot reported that the netfilter bpf prog can be called without\nmigration disabled in xmit path.\n\nThen the assertion in __bpf_prog_run() fails, triggering the splat\nbelow. [0]\n\nLet\u0027s use bpf_prog_run_pin_on_cpu() in nf_hook_run_bpf().\n\n[0]:\nBUG: assuming non migratable context at ./include/linux/filter.h:703\nin_atomic(): 0, irqs_disabled(): 0, migration_disabled() 0 pid: 5829, name: sshd-session\n3 locks held by sshd-session/5829:\n #0: ffff88807b4e4218 (sk_lock-AF_INET){+.+.}-{0:0}, at: lock_sock include/net/sock.h:1667 [inline]\n #0: ffff88807b4e4218 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_sendmsg+0x20/0x50 net/ipv4/tcp.c:1395\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]\n #1: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: __ip_queue_xmit+0x69/0x26c0 net/ipv4/ip_output.c:470\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_lock_acquire include/linux/rcupdate.h:331 [inline]\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: rcu_read_lock include/linux/rcupdate.h:841 [inline]\n #2: ffffffff8e5c4e00 (rcu_read_lock){....}-{1:3}, at: nf_hook+0xb2/0x680 include/linux/netfilter.h:241\nCPU: 0 UID: 0 PID: 5829 Comm: sshd-session Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full)\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x16c/0x1f0 lib/dump_stack.c:120\n __cant_migrate kernel/sched/core.c:8860 [inline]\n __cant_migrate+0x1c7/0x250 kernel/sched/core.c:8834\n __bpf_prog_run include/linux/filter.h:703 [inline]\n bpf_prog_run include/linux/filter.h:725 [inline]\n nf_hook_run_bpf+0x83/0x1e0 net/netfilter/nf_bpf_link.c:20\n nf_hook_entry_hookfn include/linux/netfilter.h:157 [inline]\n nf_hook_slow+0xbb/0x200 net/netfilter/core.c:623\n nf_hook+0x370/0x680 include/linux/netfilter.h:272\n NF_HOOK_COND include/linux/netfilter.h:305 [inline]\n ip_output+0x1bc/0x2a0 net/ipv4/ip_output.c:433\n dst_output include/net/dst.h:459 [inline]\n ip_local_out net/ipv4/ip_output.c:129 [inline]\n __ip_queue_xmit+0x1d7d/0x26c0 net/ipv4/ip_output.c:527\n __tcp_transmit_skb+0x2686/0x3e90 net/ipv4/tcp_output.c:1479\n tcp_transmit_skb net/ipv4/tcp_output.c:1497 [inline]\n tcp_write_xmit+0x1274/0x84e0 net/ipv4/tcp_output.c:2838\n __tcp_push_pending_frames+0xaf/0x390 net/ipv4/tcp_output.c:3021\n tcp_push+0x225/0x700 net/ipv4/tcp.c:759\n tcp_sendmsg_locked+0x1870/0x42b0 net/ipv4/tcp.c:1359\n tcp_sendmsg+0x2e/0x50 net/ipv4/tcp.c:1396\n inet_sendmsg+0xb9/0x140 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg net/socket.c:727 [inline]\n sock_write_iter+0x4aa/0x5b0 net/socket.c:1131\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x6c7/0x1150 fs/read_write.c:686\n ksys_write+0x1f8/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcd/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe7d365d407\nCode: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 \u003c5b\u003e c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff\nRSP:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38640",
"url": "https://www.suse.com/security/cve/CVE-2025-38640"
},
{
"category": "external",
"summary": "SUSE Bug 1248622 for CVE-2025-38640",
"url": "https://bugzilla.suse.com/1248622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38640"
},
{
"cve": "CVE-2025-38643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38643"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac()\n\nCallers of wdev_chandef() must hold the wiphy mutex.\n\nBut the worker cfg80211_propagate_cac_done_wk() never takes the lock.\nWhich triggers the warning below with the mesh_peer_connected_dfs\ntest from hostapd and not (yet) released mac80211 code changes:\n\nWARNING: CPU: 0 PID: 495 at net/wireless/chan.c:1552 wdev_chandef+0x60/0x165\nModules linked in:\nCPU: 0 UID: 0 PID: 495 Comm: kworker/u4:2 Not tainted 6.14.0-rc5-wt-g03960e6f9d47 #33 13c287eeabfe1efea01c0bcc863723ab082e17cf\nWorkqueue: cfg80211 cfg80211_propagate_cac_done_wk\nStack:\n 00000000 00000001 ffffff00 6093267c\n 00000000 6002ec30 6d577c50 60037608\n 00000000 67e8d108 6063717b 00000000\nCall Trace:\n [\u003c6002ec30\u003e] ? _printk+0x0/0x98\n [\u003c6003c2b3\u003e] show_stack+0x10e/0x11a\n [\u003c6002ec30\u003e] ? _printk+0x0/0x98\n [\u003c60037608\u003e] dump_stack_lvl+0x71/0xb8\n [\u003c6063717b\u003e] ? wdev_chandef+0x60/0x165\n [\u003c6003766d\u003e] dump_stack+0x1e/0x20\n [\u003c6005d1b7\u003e] __warn+0x101/0x20f\n [\u003c6005d3a8\u003e] warn_slowpath_fmt+0xe3/0x15d\n [\u003c600b0c5c\u003e] ? mark_lock.part.0+0x0/0x4ec\n [\u003c60751191\u003e] ? __this_cpu_preempt_check+0x0/0x16\n [\u003c600b11a2\u003e] ? mark_held_locks+0x5a/0x6e\n [\u003c6005d2c5\u003e] ? warn_slowpath_fmt+0x0/0x15d\n [\u003c60052e53\u003e] ? unblock_signals+0x3a/0xe7\n [\u003c60052f2d\u003e] ? um_set_signals+0x2d/0x43\n [\u003c60751191\u003e] ? __this_cpu_preempt_check+0x0/0x16\n [\u003c607508b2\u003e] ? lock_is_held_type+0x207/0x21f\n [\u003c6063717b\u003e] wdev_chandef+0x60/0x165\n [\u003c605f89b4\u003e] regulatory_propagate_dfs_state+0x247/0x43f\n [\u003c60052f00\u003e] ? um_set_signals+0x0/0x43\n [\u003c605e6bfd\u003e] cfg80211_propagate_cac_done_wk+0x3a/0x4a\n [\u003c6007e460\u003e] process_scheduled_works+0x3bc/0x60e\n [\u003c6007d0ec\u003e] ? move_linked_works+0x4d/0x81\n [\u003c6007d120\u003e] ? assign_work+0x0/0xaa\n [\u003c6007f81f\u003e] worker_thread+0x220/0x2dc\n [\u003c600786ef\u003e] ? set_pf_worker+0x0/0x57\n [\u003c60087c96\u003e] ? to_kthread+0x0/0x43\n [\u003c6008ab3c\u003e] kthread+0x2d3/0x2e2\n [\u003c6007f5ff\u003e] ? worker_thread+0x0/0x2dc\n [\u003c6006c05b\u003e] ? calculate_sigpending+0x0/0x56\n [\u003c6003b37d\u003e] new_thread_handler+0x4a/0x64\nirq event stamp: 614611\nhardirqs last enabled at (614621): [\u003c00000000600bc96b\u003e] __up_console_sem+0x82/0xaf\nhardirqs last disabled at (614630): [\u003c00000000600bc92c\u003e] __up_console_sem+0x43/0xaf\nsoftirqs last enabled at (614268): [\u003c00000000606c55c6\u003e] __ieee80211_wake_queue+0x933/0x985\nsoftirqs last disabled at (614266): [\u003c00000000606c52d6\u003e] __ieee80211_wake_queue+0x643/0x985",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38643",
"url": "https://www.suse.com/security/cve/CVE-2025-38643"
},
{
"category": "external",
"summary": "SUSE Bug 1248681 for CVE-2025-38643",
"url": "https://bugzilla.suse.com/1248681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38643"
},
{
"cve": "CVE-2025-38645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Check device memory pointer before usage\n\nAdd a NULL check before accessing device memory to prevent a crash if\ndev-\u003edm allocation in mlx5_init_once() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38645",
"url": "https://www.suse.com/security/cve/CVE-2025-38645"
},
{
"category": "external",
"summary": "SUSE Bug 1248626 for CVE-2025-38645",
"url": "https://bugzilla.suse.com/1248626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38645"
},
{
"cve": "CVE-2025-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: No more self recovery\n\nWhen a node withdraws and it turns out that it is the only node that has\nthe filesystem mounted, gfs2 currently tries to replay the local journal\nto bring the filesystem back into a consistent state. Not only is that\na very bad idea, it has also never worked because gfs2_recover_func()\nwill refuse to do anything during a withdraw.\n\nHowever, before even getting to this point, gfs2_recover_func()\ndereferences sdp-\u003esd_jdesc-\u003ejd_inode. This was a use-after-free before\ncommit 04133b607a78 (\"gfs2: Prevent double iput for journal on error\")\nand is a NULL pointer dereference since then.\n\nSimply get rid of self recovery to fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38659",
"url": "https://www.suse.com/security/cve/CVE-2025-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1248639 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248639"
},
{
"category": "external",
"summary": "SUSE Bug 1248759 for CVE-2025-38659",
"url": "https://bugzilla.suse.com/1248759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-38659"
},
{
"cve": "CVE-2025-38660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n[ceph] parse_longname(): strrchr() expects NUL-terminated string\n\n... and parse_longname() is not guaranteed that. That\u0027s the reason\nwhy it uses kmemdup_nul() to build the argument for kstrtou64();\nthe problem is, kstrtou64() is not the only thing that need it.\n\nJust get a NUL-terminated copy of the entire thing and be done\nwith that...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38660",
"url": "https://www.suse.com/security/cve/CVE-2025-38660"
},
{
"category": "external",
"summary": "SUSE Bug 1248634 for CVE-2025-38660",
"url": "https://bugzilla.suse.com/1248634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38660"
},
{
"cve": "CVE-2025-38664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Fix a null pointer dereference in ice_copy_and_init_pkg()\n\nAdd check for the return value of devm_kmemdup()\nto prevent potential null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38664",
"url": "https://www.suse.com/security/cve/CVE-2025-38664"
},
{
"category": "external",
"summary": "SUSE Bug 1248628 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248628"
},
{
"category": "external",
"summary": "SUSE Bug 1248631 for CVE-2025-38664",
"url": "https://bugzilla.suse.com/1248631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-38664"
},
{
"cve": "CVE-2025-38668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregulator: core: fix NULL dereference on unbind due to stale coupling data\n\nFailing to reset coupling_desc.n_coupled after freeing coupled_rdevs can\nlead to NULL pointer dereference when regulators are accessed post-unbind.\n\nThis can happen during runtime PM or other regulator operations that rely\non coupling metadata.\n\nFor example, on ridesx4, unbinding the \u0027reg-dummy\u0027 platform device triggers\na panic in regulator_lock_recursive() due to stale coupling state.\n\nEnsure n_coupled is set to 0 to prevent access to invalid pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38668",
"url": "https://www.suse.com/security/cve/CVE-2025-38668"
},
{
"category": "external",
"summary": "SUSE Bug 1248647 for CVE-2025-38668",
"url": "https://bugzilla.suse.com/1248647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38668"
},
{
"cve": "CVE-2025-38676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/amd: Avoid stack buffer overflow from kernel cmdline\n\nWhile the kernel command line is considered trusted in most environments,\navoid writing 1 byte past the end of \"acpiid\" if the \"str\" argument is\nmaximum length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38676",
"url": "https://www.suse.com/security/cve/CVE-2025-38676"
},
{
"category": "external",
"summary": "SUSE Bug 1248775 for CVE-2025-38676",
"url": "https://bugzilla.suse.com/1248775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38676"
},
{
"cve": "CVE-2025-38678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject duplicate device on updates\n\nA chain/flowtable update with duplicated devices in the same batch is\npossible. Unfortunately, netdev event path only removes the first\ndevice that is found, leaving unregistered the hook of the duplicated\ndevice.\n\nCheck if a duplicated device exists in the transaction batch, bail out\nwith EEXIST in such case.\n\nWARNING is hit when unregistering the hook:\n\n [49042.221275] WARNING: CPU: 4 PID: 8425 at net/netfilter/core.c:340 nf_hook_entry_head+0xaa/0x150\n [49042.221375] CPU: 4 UID: 0 PID: 8425 Comm: nft Tainted: G S 6.16.0+ #170 PREEMPT(full)\n [...]\n [49042.221382] RIP: 0010:nf_hook_entry_head+0xaa/0x150",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38678",
"url": "https://www.suse.com/security/cve/CVE-2025-38678"
},
{
"category": "external",
"summary": "SUSE Bug 1249126 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249126"
},
{
"category": "external",
"summary": "SUSE Bug 1249534 for CVE-2025-38678",
"url": "https://bugzilla.suse.com/1249534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-38678"
},
{
"cve": "CVE-2025-38679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: venus: Fix OOB read due to missing payload bound check\n\nCurrently, The event_seq_changed() handler processes a variable number\nof properties sent by the firmware. The number of properties is indicated\nby the firmware and used to iterate over the payload. However, the\npayload size is not being validated against the actual message length.\n\nThis can lead to out-of-bounds memory access if the firmware provides a\nproperty count that exceeds the data available in the payload. Such a\ncondition can result in kernel crashes or potential information leaks if\nmemory beyond the buffer is accessed.\n\nFix this by properly validating the remaining size of the payload before\neach property access and updating bounds accordingly as properties are\nparsed.\n\nThis ensures that property parsing is safely bounded within the received\nmessage buffer and protects against malformed or malicious firmware\nbehavior.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38679",
"url": "https://www.suse.com/security/cve/CVE-2025-38679"
},
{
"category": "external",
"summary": "SUSE Bug 1249202 for CVE-2025-38679",
"url": "https://bugzilla.suse.com/1249202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38679"
},
{
"cve": "CVE-2025-38684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: ets: use old \u0027nbands\u0027 while purging unused classes\n\nShuang reported sch_ets test-case [1] crashing in ets_class_qlen_notify()\nafter recent changes from Lion [2]. The problem is: in ets_qdisc_change()\nwe purge unused DWRR queues; the value of \u0027q-\u003enbands\u0027 is the new one, and\nthe cleanup should be done with the old one. The problem is here since my\nfirst attempts to fix ets_qdisc_change(), but it surfaced again after the\nrecent qdisc len accounting fixes. Fix it purging idle DWRR queues before\nassigning a new value of \u0027q-\u003enbands\u0027, so that all purge operations find a\nconsistent configuration:\n\n - old \u0027q-\u003enbands\u0027 because it\u0027s needed by ets_class_find()\n - old \u0027q-\u003enstrict\u0027 because it\u0027s needed by ets_class_is_strict()\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: Oops: 0000 [#1] SMP NOPTI\n CPU: 62 UID: 0 PID: 39457 Comm: tc Kdump: loaded Not tainted 6.12.0-116.el10.x86_64 #1 PREEMPT(voluntary)\n Hardware name: Dell Inc. PowerEdge R640/06DKY5, BIOS 2.12.2 07/09/2021\n RIP: 0010:__list_del_entry_valid_or_report+0x4/0x80\n Code: ff 4c 39 c7 0f 84 39 19 8e ff b8 01 00 00 00 c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa \u003c48\u003e 8b 17 48 8b 4f 08 48 85 d2 0f 84 56 19 8e ff 48 85 c9 0f 84 ab\n RSP: 0018:ffffba186009f400 EFLAGS: 00010202\n RAX: 00000000000000d6 RBX: 0000000000000000 RCX: 0000000000000004\n RDX: ffff9f0fa29b69c0 RSI: 0000000000000000 RDI: 0000000000000000\n RBP: ffffffffc12c2400 R08: 0000000000000008 R09: 0000000000000004\n R10: ffffffffffffffff R11: 0000000000000004 R12: 0000000000000000\n R13: ffff9f0f8cfe0000 R14: 0000000000100005 R15: 0000000000000000\n FS: 00007f2154f37480(0000) GS:ffff9f269c1c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 00000001530be001 CR4: 00000000007726f0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ets_class_qlen_notify+0x65/0x90 [sch_ets]\n qdisc_tree_reduce_backlog+0x74/0x110\n ets_qdisc_change+0x630/0xa40 [sch_ets]\n __tc_modify_qdisc.constprop.0+0x216/0x7f0\n tc_modify_qdisc+0x7c/0x120\n rtnetlink_rcv_msg+0x145/0x3f0\n netlink_rcv_skb+0x53/0x100\n netlink_unicast+0x245/0x390\n netlink_sendmsg+0x21b/0x470\n ____sys_sendmsg+0x39d/0x3d0\n ___sys_sendmsg+0x9a/0xe0\n __sys_sendmsg+0x7a/0xd0\n do_syscall_64+0x7d/0x160\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f2155114084\n Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d 25 f0 0c 00 00 74 13 b8 2e 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\n RSP: 002b:00007fff1fd7a988 EFLAGS: 00000202 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 0000560ec063e5e0 RCX: 00007f2155114084\n RDX: 0000000000000000 RSI: 00007fff1fd7a9f0 RDI: 0000000000000003\n RBP: 00007fff1fd7aa60 R08: 0000000000000010 R09: 000000000000003f\n R10: 0000560ee9b3a010 R11: 0000000000000202 R12: 00007fff1fd7aae0\n R13: 000000006891ccde R14: 0000560ec063e5e0 R15: 00007fff1fd7aad0\n \u003c/TASK\u003e\n\n [1] https://lore.kernel.org/netdev/e08c7f4a6882f260011909a868311c6e9b54f3e4.1639153474.git.dcaratti@redhat.com/\n [2] https://lore.kernel.org/netdev/d912cbd7-193b-4269-9857-525bee8bbb6a@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38684",
"url": "https://www.suse.com/security/cve/CVE-2025-38684"
},
{
"category": "external",
"summary": "SUSE Bug 1249156 for CVE-2025-38684",
"url": "https://bugzilla.suse.com/1249156"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38684"
},
{
"cve": "CVE-2025-38701",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38701"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: do not BUG when INLINE_DATA_FL lacks system.data xattr\n\nA syzbot fuzzed image triggered a BUG_ON in ext4_update_inline_data()\nwhen an inode had the INLINE_DATA_FL flag set but was missing the\nsystem.data extended attribute.\n\nSince this can happen due to a maiciouly fuzzed file system, we\nshouldn\u0027t BUG, but rather, report it as a corrupted file system.\n\nAdd similar replacements of BUG_ON with EXT4_ERROR_INODE() ii\next4_create_inline_data() and ext4_inline_data_truncate().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38701",
"url": "https://www.suse.com/security/cve/CVE-2025-38701"
},
{
"category": "external",
"summary": "SUSE Bug 1249258 for CVE-2025-38701",
"url": "https://bugzilla.suse.com/1249258"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38701"
},
{
"cve": "CVE-2025-38703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe: Make dma-fences compliant with the safe access rules\n\nXe can free some of the data pointed to by the dma-fences it exports. Most\nnotably the timeline name can get freed if userspace closes the associated\nsubmit queue. At the same time the fence could have been exported to a\nthird party (for example a sync_fence fd) which will then cause an use-\nafter-free on subsequent access.\n\nTo make this safe we need to make the driver compliant with the newly\ndocumented dma-fence rules. Driver has to ensure a RCU grace period\nbetween signalling a fence and freeing any data pointed to by said fence.\n\nFor the timeline name we simply make the queue be freed via kfree_rcu and\nfor the shared lock associated with multiple queues we add a RCU grace\nperiod before freeing the per GT structure holding the lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38703",
"url": "https://www.suse.com/security/cve/CVE-2025-38703"
},
{
"category": "external",
"summary": "SUSE Bug 1249193 for CVE-2025-38703",
"url": "https://bugzilla.suse.com/1249193"
},
{
"category": "external",
"summary": "SUSE Bug 1249763 for CVE-2025-38703",
"url": "https://bugzilla.suse.com/1249763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-38703"
},
{
"cve": "CVE-2025-38705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix null pointer access\n\nWriting a string without delimiters (\u0027 \u0027, \u0027\\n\u0027, \u0027\\0\u0027) to the under\ngpu_od/fan_ctrl sysfs or pp_power_profile_mode for the CUSTOM profile\nwill result in a null pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38705",
"url": "https://www.suse.com/security/cve/CVE-2025-38705"
},
{
"category": "external",
"summary": "SUSE Bug 1249334 for CVE-2025-38705",
"url": "https://bugzilla.suse.com/1249334"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38705"
},
{
"cve": "CVE-2025-38709",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38709"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nloop: Avoid updating block size under exclusive owner\n\nSyzbot came up with a reproducer where a loop device block size is\nchanged underneath a mounted filesystem. This causes a mismatch between\nthe block device block size and the block size stored in the superblock\ncausing confusion in various places such as fs/buffer.c. The particular\nissue triggered by syzbot was a warning in __getblk_slow() due to\nrequested buffer size not matching block device block size.\n\nFix the problem by getting exclusive hold of the loop device to change\nits block size. This fails if somebody (such as filesystem) has already\nan exclusive ownership of the block device and thus prevents modifying\nthe loop device under some exclusive owner which doesn\u0027t expect it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38709",
"url": "https://www.suse.com/security/cve/CVE-2025-38709"
},
{
"category": "external",
"summary": "SUSE Bug 1249199 for CVE-2025-38709",
"url": "https://bugzilla.suse.com/1249199"
},
{
"category": "external",
"summary": "SUSE Bug 1249535 for CVE-2025-38709",
"url": "https://bugzilla.suse.com/1249535"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38709"
},
{
"cve": "CVE-2025-38710",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38710"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Validate i_depth for exhash directories\n\nA fuzzer test introduced corruption that ends up with a depth of 0 in\ndir_e_read(), causing an undefined shift by 32 at:\n\n index = hash \u003e\u003e (32 - dip-\u003ei_depth);\n\nAs calculated in an open-coded way in dir_make_exhash(), the minimum\ndepth for an exhash directory is ilog2(sdp-\u003esd_hash_ptrs) and 0 is\ninvalid as sdp-\u003esd_hash_ptrs is fixed as sdp-\u003ebsize / 16 at mount time.\n\nSo we can avoid the undefined behaviour by checking for depth values\nlower than the minimum in gfs2_dinode_in(). Values greater than the\nmaximum are already being checked for there.\n\nAlso switch the calculation in dir_make_exhash() to use ilog2() to\nclarify how the depth is calculated.\n\nTested with the syzkaller repro.c and xfstests \u0027-g quick\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38710",
"url": "https://www.suse.com/security/cve/CVE-2025-38710"
},
{
"category": "external",
"summary": "SUSE Bug 1249201 for CVE-2025-38710",
"url": "https://bugzilla.suse.com/1249201"
},
{
"category": "external",
"summary": "SUSE Bug 1249536 for CVE-2025-38710",
"url": "https://bugzilla.suse.com/1249536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-38710"
},
{
"cve": "CVE-2025-38721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: fix refcount leak on table dump\n\nThere is a reference count leak in ctnetlink_dump_table():\n if (res \u003c 0) {\n nf_conntrack_get(\u0026ct-\u003ect_general); // HERE\n cb-\u003eargs[1] = (unsigned long)ct;\n ...\n\nWhile its very unlikely, its possible that ct == last.\nIf this happens, then the refcount of ct was already incremented.\nThis 2nd increment is never undone.\n\nThis prevents the conntrack object from being released, which in turn\nkeeps prevents cnet-\u003ecount from dropping back to 0.\n\nThis will then block the netns dismantle (or conntrack rmmod) as\nnf_conntrack_cleanup_net_list() will wait forever.\n\nThis can be reproduced by running conntrack_resize.sh selftest in a loop.\nIt takes ~20 minutes for me on a preemptible kernel on average before\nI see a runaway kworker spinning in nf_conntrack_cleanup_net_list.\n\nOne fix would to change this to:\n if (res \u003c 0) {\n\t\tif (ct != last)\n\t nf_conntrack_get(\u0026ct-\u003ect_general);\n\nBut this reference counting isn\u0027t needed in the first place.\nWe can just store a cookie value instead.\n\nA followup patch will do the same for ctnetlink_exp_dump_table,\nit looks to me as if this has the same problem and like\nctnetlink_dump_table, we only need a \u0027skip hint\u0027, not the actual\nobject so we can apply the same cookie strategy there as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38721",
"url": "https://www.suse.com/security/cve/CVE-2025-38721"
},
{
"category": "external",
"summary": "SUSE Bug 1249176 for CVE-2025-38721",
"url": "https://bugzilla.suse.com/1249176"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38721"
},
{
"cve": "CVE-2025-38722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhabanalabs: fix UAF in export_dmabuf()\n\nAs soon as we\u0027d inserted a file reference into descriptor table, another\nthread could close it. That\u0027s fine for the case when all we are doing is\nreturning that descriptor to userland (it\u0027s a race, but it\u0027s a userland\nrace and there\u0027s nothing the kernel can do about it). However, if we\nfollow fd_install() with any kind of access to objects that would be\ndestroyed on close (be it the struct file itself or anything destroyed\nby its -\u003erelease()), we have a UAF.\n\ndma_buf_fd() is a combination of reserving a descriptor and fd_install().\nhabanalabs export_dmabuf() calls it and then proceeds to access the\nobjects destroyed on close. In particular, it grabs an extra reference to\nanother struct file that will be dropped as part of -\u003erelease() for ours;\nthat \"will be\" is actually \"might have already been\".\n\nFix that by reserving descriptor before anything else and do fd_install()\nonly when everything had been set up. As a side benefit, we no longer\nhave the failure exit with file already created, but reference to\nunderlying file (as well as -\u003edmabuf_export_cnt, etc.) not grabbed yet;\nunlike dma_buf_fd(), fd_install() can\u0027t fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38722",
"url": "https://www.suse.com/security/cve/CVE-2025-38722"
},
{
"category": "external",
"summary": "SUSE Bug 1249163 for CVE-2025-38722",
"url": "https://bugzilla.suse.com/1249163"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38722"
},
{
"cve": "CVE-2025-38730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: commit partial buffers on retry\n\nRing provided buffers are potentially only valid within the single\nexecution context in which they were acquired. io_uring deals with this\nand invalidates them on retry. But on the networking side, if\nMSG_WAITALL is set, or if the socket is of the streaming type and too\nlittle was processed, then it will hang on to the buffer rather than\nrecycle or commit it. This is problematic for two reasons:\n\n1) If someone unregisters the provided buffer ring before a later retry,\n then the req-\u003ebuf_list will no longer be valid.\n\n2) If multiple sockers are using the same buffer group, then multiple\n receives can consume the same memory. This can cause data corruption\n in the application, as either receive could land in the same\n userspace buffer.\n\nFix this by disallowing partial retries from pinning a provided buffer\nacross multiple executions, if ring provided buffers are used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38730",
"url": "https://www.suse.com/security/cve/CVE-2025-38730"
},
{
"category": "external",
"summary": "SUSE Bug 1249172 for CVE-2025-38730",
"url": "https://bugzilla.suse.com/1249172"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38730"
},
{
"cve": "CVE-2025-38732",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38732"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_reject: don\u0027t leak dst refcount for loopback packets\n\nrecent patches to add a WARN() when replacing skb dst entry found an\nold bug:\n\nWARNING: include/linux/skbuff.h:1165 skb_dst_check_unset include/linux/skbuff.h:1164 [inline]\nWARNING: include/linux/skbuff.h:1165 skb_dst_set include/linux/skbuff.h:1210 [inline]\nWARNING: include/linux/skbuff.h:1165 nf_reject_fill_skb_dst+0x2a4/0x330 net/ipv4/netfilter/nf_reject_ipv4.c:234\n[..]\nCall Trace:\n nf_send_unreach+0x17b/0x6e0 net/ipv4/netfilter/nf_reject_ipv4.c:325\n nft_reject_inet_eval+0x4bc/0x690 net/netfilter/nft_reject_inet.c:27\n expr_call_ops_eval net/netfilter/nf_tables_core.c:237 [inline]\n ..\n\nThis is because blamed commit forgot about loopback packets.\nSuch packets already have a dst_entry attached, even at PRE_ROUTING stage.\n\nInstead of checking hook just check if the skb already has a route\nattached to it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38732",
"url": "https://www.suse.com/security/cve/CVE-2025-38732"
},
{
"category": "external",
"summary": "SUSE Bug 1249262 for CVE-2025-38732",
"url": "https://bugzilla.suse.com/1249262"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-38732"
},
{
"cve": "CVE-2025-39677",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39677"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Fix backlog accounting in qdisc_dequeue_internal\n\nThis issue applies for the following qdiscs: hhf, fq, fq_codel, and\nfq_pie, and occurs in their change handlers when adjusting to the new\nlimit. The problem is the following in the values passed to the\nsubsequent qdisc_tree_reduce_backlog call given a tbf parent:\n\n When the tbf parent runs out of tokens, skbs of these qdiscs will\n be placed in gso_skb. Their peek handlers are qdisc_peek_dequeued,\n which accounts for both qlen and backlog. However, in the case of\n qdisc_dequeue_internal, ONLY qlen is accounted for when pulling\n from gso_skb. This means that these qdiscs are missing a\n qdisc_qstats_backlog_dec when dropping packets to satisfy the\n new limit in their change handlers.\n\n One can observe this issue with the following (with tc patched to\n support a limit of 0):\n\n export TARGET=fq\n tc qdisc del dev lo root\n tc qdisc add dev lo root handle 1: tbf rate 8bit burst 100b latency 1ms\n tc qdisc replace dev lo handle 3: parent 1:1 $TARGET limit 1000\n echo \u0027\u0027; echo \u0027add child\u0027; tc -s -d qdisc show dev lo\n ping -I lo -f -c2 -s32 -W0.001 127.0.0.1 2\u003e\u00261 \u003e/dev/null\n echo \u0027\u0027; echo \u0027after ping\u0027; tc -s -d qdisc show dev lo\n tc qdisc change dev lo handle 3: parent 1:1 $TARGET limit 0\n echo \u0027\u0027; echo \u0027after limit drop\u0027; tc -s -d qdisc show dev lo\n tc qdisc replace dev lo handle 2: parent 1:1 sfq\n echo \u0027\u0027; echo \u0027post graft\u0027; tc -s -d qdisc show dev lo\n\n The second to last show command shows 0 packets but a positive\n number (74) of backlog bytes. The problem becomes clearer in the\n last show command, where qdisc_purge_queue triggers\n qdisc_tree_reduce_backlog with the positive backlog and causes an\n underflow in the tbf parent\u0027s backlog (4096 Mb instead of 0).\n\nTo fix this issue, the codepath for all clients of qdisc_dequeue_internal\nhas been simplified: codel, pie, hhf, fq, fq_pie, and fq_codel.\nqdisc_dequeue_internal handles the backlog adjustments for all cases that\ndo not directly use the dequeue handler.\n\nThe old fq_codel_change limit adjustment loop accumulated the arguments to\nthe subsequent qdisc_tree_reduce_backlog call through the cstats field.\nHowever, this is confusing and error prone as fq_codel_dequeue could also\npotentially mutate this field (which qdisc_dequeue_internal calls in the\nnon gso_skb case), so we have unified the code here with other qdiscs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39677",
"url": "https://www.suse.com/security/cve/CVE-2025-39677"
},
{
"category": "external",
"summary": "SUSE Bug 1249300 for CVE-2025-39677",
"url": "https://bugzilla.suse.com/1249300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39677"
},
{
"cve": "CVE-2025-39678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86/amd/hsmp: Ensure sock-\u003emetric_tbl_addr is non-NULL\n\nIf metric table address is not allocated, accessing metrics_bin will\nresult in a NULL pointer dereference, so add a check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39678",
"url": "https://www.suse.com/security/cve/CVE-2025-39678"
},
{
"category": "external",
"summary": "SUSE Bug 1249290 for CVE-2025-39678",
"url": "https://bugzilla.suse.com/1249290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39678"
},
{
"cve": "CVE-2025-39681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper\n\nSince\n\n 923f3a2b48bd (\"x86/resctrl: Query LLC monitoring properties once during boot\")\n\nresctrl_cpu_detect() has been moved from common CPU initialization code to\nthe vendor-specific BSP init helper, while Hygon didn\u0027t put that call in their\ncode.\n\nThis triggers a division by zero fault during early booting stage on our\nmachines with X86_FEATURE_CQM* supported, where get_rdt_mon_resources() tries\nto calculate mon_l3_config with uninitialized boot_cpu_data.x86_cache_occ_scale.\n\nAdd the missing resctrl_cpu_detect() in the Hygon BSP init helper.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39681",
"url": "https://www.suse.com/security/cve/CVE-2025-39681"
},
{
"category": "external",
"summary": "SUSE Bug 1249303 for CVE-2025-39681",
"url": "https://bugzilla.suse.com/1249303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39681"
},
{
"cve": "CVE-2025-39682",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39682"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix handling of zero-length records on the rx_list\n\nEach recvmsg() call must process either\n - only contiguous DATA records (any number of them)\n - one non-DATA record\n\nIf the next record has different type than what has already been\nprocessed we break out of the main processing loop. If the record\nhas already been decrypted (which may be the case for TLS 1.3 where\nwe don\u0027t know type until decryption) we queue the pending record\nto the rx_list. Next recvmsg() will pick it up from there.\n\nQueuing the skb to rx_list after zero-copy decrypt is not possible,\nsince in that case we decrypted directly to the user space buffer,\nand we don\u0027t have an skb to queue (darg.skb points to the ciphertext\nskb for access to metadata like length).\n\nOnly data records are allowed zero-copy, and we break the processing\nloop after each non-data record. So we should never zero-copy and\nthen find out that the record type has changed. The corner case\nwe missed is when the initial record comes from rx_list, and it\u0027s\nzero length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39682",
"url": "https://www.suse.com/security/cve/CVE-2025-39682"
},
{
"category": "external",
"summary": "SUSE Bug 1249284 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1249284"
},
{
"category": "external",
"summary": "SUSE Bug 1250192 for CVE-2025-39682",
"url": "https://bugzilla.suse.com/1250192"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-39682"
},
{
"cve": "CVE-2025-39691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/buffer: fix use-after-free when call bh_read() helper\n\nThere\u0027s issue as follows:\nBUG: KASAN: stack-out-of-bounds in end_buffer_read_sync+0xe3/0x110\nRead of size 8 at addr ffffc9000168f7f8 by task swapper/3/0\nCPU: 3 UID: 0 PID: 0 Comm: swapper/3 Not tainted 6.16.0-862.14.0.6.x86_64\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x55/0x70\n print_address_description.constprop.0+0x2c/0x390\n print_report+0xb4/0x270\n kasan_report+0xb8/0xf0\n end_buffer_read_sync+0xe3/0x110\n end_bio_bh_io_sync+0x56/0x80\n blk_update_request+0x30a/0x720\n scsi_end_request+0x51/0x2b0\n scsi_io_completion+0xe3/0x480\n ? scsi_device_unbusy+0x11e/0x160\n blk_complete_reqs+0x7b/0x90\n handle_softirqs+0xef/0x370\n irq_exit_rcu+0xa5/0xd0\n sysvec_apic_timer_interrupt+0x6e/0x90\n \u003c/IRQ\u003e\n\n Above issue happens when do ntfs3 filesystem mount, issue may happens\n as follows:\n mount IRQ\nntfs_fill_super\n read_cache_page\n do_read_cache_folio\n filemap_read_folio\n mpage_read_folio\n\t do_mpage_readpage\n\t ntfs_get_block_vbo\n\t bh_read\n\t submit_bh\n\t wait_on_buffer(bh);\n\t blk_complete_reqs\n\t\t\t\t scsi_io_completion\n\t\t\t\t scsi_end_request\n\t\t\t\t blk_update_request\n\t\t\t\t end_bio_bh_io_sync\n\t\t\t\t\t end_buffer_read_sync\n\t\t\t\t\t __end_buffer_read_notouch\n\t\t\t\t\t unlock_buffer\n\n wait_on_buffer(bh);--\u003e return will return to caller\n\n\t\t\t\t\t put_bh\n\t\t\t\t\t --\u003e trigger stack-out-of-bounds\nIn the mpage_read_folio() function, the stack variable \u0027map_bh\u0027 is\npassed to ntfs_get_block_vbo(). Once unlock_buffer() unlocks and\nwait_on_buffer() returns to continue processing, the stack variable\nis likely to be reclaimed. Consequently, during the end_buffer_read_sync()\nprocess, calling put_bh() may result in stack overrun.\n\nIf the bh is not allocated on the stack, it belongs to a folio. Freeing\na buffer head which belongs to a folio is done by drop_buffers() which\nwill fail to free buffers which are still locked. So it is safe to call\nput_bh() before __end_buffer_read_notouch().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39691",
"url": "https://www.suse.com/security/cve/CVE-2025-39691"
},
{
"category": "external",
"summary": "SUSE Bug 1249374 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249374"
},
{
"category": "external",
"summary": "SUSE Bug 1249392 for CVE-2025-39691",
"url": "https://bugzilla.suse.com/1249392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39691"
},
{
"cve": "CVE-2025-39695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Flush delayed SKBs while releasing RXE resources\n\nWhen skb packets are sent out, these skb packets still depends on\nthe rxe resources, for example, QP, sk, when these packets are\ndestroyed.\n\nIf these rxe resources are released when the skb packets are destroyed,\nthe call traces will appear.\n\nTo avoid skb packets hang too long time in some network devices,\na timestamp is added when these skb packets are created. If these\nskb packets hang too long time in network devices, these network\ndevices can free these skb packets to release rxe resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39695",
"url": "https://www.suse.com/security/cve/CVE-2025-39695"
},
{
"category": "external",
"summary": "SUSE Bug 1249306 for CVE-2025-39695",
"url": "https://bugzilla.suse.com/1249306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39695"
},
{
"cve": "CVE-2025-39703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet, hsr: reject HSR frame if skb can\u0027t hold tag\n\nReceiving HSR frame with insufficient space to hold HSR tag in the skb\ncan result in a crash (kernel BUG):\n\n[ 45.390915] skbuff: skb_under_panic: text:ffffffff86f32cac len:26 put:14 head:ffff888042418000 data:ffff888042417ff4 tail:0xe end:0x180 dev:bridge_slave_1\n[ 45.392559] ------------[ cut here ]------------\n[ 45.392912] kernel BUG at net/core/skbuff.c:211!\n[ 45.393276] Oops: invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC KASAN NOPTI\n[ 45.393809] CPU: 1 UID: 0 PID: 2496 Comm: reproducer Not tainted 6.15.0 #12 PREEMPT(undef)\n[ 45.394433] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014\n[ 45.395273] RIP: 0010:skb_panic+0x15b/0x1d0\n\n\u003csnip registers, remove unreliable trace\u003e\n\n[ 45.402911] Call Trace:\n[ 45.403105] \u003cIRQ\u003e\n[ 45.404470] skb_push+0xcd/0xf0\n[ 45.404726] br_dev_queue_push_xmit+0x7c/0x6c0\n[ 45.406513] br_forward_finish+0x128/0x260\n[ 45.408483] __br_forward+0x42d/0x590\n[ 45.409464] maybe_deliver+0x2eb/0x420\n[ 45.409763] br_flood+0x174/0x4a0\n[ 45.410030] br_handle_frame_finish+0xc7c/0x1bc0\n[ 45.411618] br_handle_frame+0xac3/0x1230\n[ 45.413674] __netif_receive_skb_core.constprop.0+0x808/0x3df0\n[ 45.422966] __netif_receive_skb_one_core+0xb4/0x1f0\n[ 45.424478] __netif_receive_skb+0x22/0x170\n[ 45.424806] process_backlog+0x242/0x6d0\n[ 45.425116] __napi_poll+0xbb/0x630\n[ 45.425394] net_rx_action+0x4d1/0xcc0\n[ 45.427613] handle_softirqs+0x1a4/0x580\n[ 45.427926] do_softirq+0x74/0x90\n[ 45.428196] \u003c/IRQ\u003e\n\nThis issue was found by syzkaller.\n\nThe panic happens in br_dev_queue_push_xmit() once it receives a\ncorrupted skb with ETH header already pushed in linear data. When it\nattempts the skb_push() call, there\u0027s not enough headroom and\nskb_push() panics.\n\nThe corrupted skb is put on the queue by HSR layer, which makes a\nsequence of unintended transformations when it receives a specific\ncorrupted HSR frame (with incomplete TAG).\n\nFix it by dropping and consuming frames that are not long enough to\ncontain both ethernet and hsr headers.\n\nAlternative fix would be to check for enough headroom before skb_push()\nin br_dev_queue_push_xmit().\n\nIn the reproducer, this is injected via AF_PACKET, but I don\u0027t easily\nsee why it couldn\u0027t be sent over the wire from adjacent network.\n\nFurther Details:\n\nIn the reproducer, the following network interface chain is set up:\n\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth0_to_hsr \u251c\u2500\u2500\u2500\u2524 hsr_slave0 \u253c\u2500\u2500\u2500\u2510\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2510\n \u251c\u2500\u2524 hsr0 \u251c\u2500\u2500\u2500\u2510\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2518 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 | | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n| veth1_to_hsr \u253c\u2500\u2500\u2500\u2524 hsr_slave1 \u251c\u2500\u2500\u2500\u2518 \u2524 |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518 \u253c bridge |\n || |\n | \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n |\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510 |\n | ... \u251c\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n \u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n\nTo trigger the events leading up to crash, reproducer sends a corrupted\nHSR fr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39703",
"url": "https://www.suse.com/security/cve/CVE-2025-39703"
},
{
"category": "external",
"summary": "SUSE Bug 1249315 for CVE-2025-39703",
"url": "https://bugzilla.suse.com/1249315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39703"
},
{
"cve": "CVE-2025-39705",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39705"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a Null pointer dereference vulnerability\n\n[Why]\nA null pointer dereference vulnerability exists in the AMD display driver\u0027s\n(DC module) cleanup function dc_destruct().\nWhen display control context (dc-\u003ectx) construction fails\n(due to memory allocation failure), this pointer remains NULL.\nDuring subsequent error handling when dc_destruct() is called,\nthere\u0027s no NULL check before dereferencing the perf_trace member\n(dc-\u003ectx-\u003eperf_trace), causing a kernel null pointer dereference crash.\n\n[How]\nCheck if dc-\u003ectx is non-NULL before dereferencing.\n\n(Updated commit text and removed unnecessary error message)\n(cherry picked from commit 9dd8e2ba268c636c240a918e0a31e6feaee19404)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39705",
"url": "https://www.suse.com/security/cve/CVE-2025-39705"
},
{
"category": "external",
"summary": "SUSE Bug 1249295 for CVE-2025-39705",
"url": "https://bugzilla.suse.com/1249295"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39705"
},
{
"cve": "CVE-2025-39707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities\n\nHUBBUB structure is not initialized on DCE hardware, so check if it is NULL\nto avoid null dereference while accessing amdgpu_dm_capabilities file in\ndebugfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39707",
"url": "https://www.suse.com/security/cve/CVE-2025-39707"
},
{
"category": "external",
"summary": "SUSE Bug 1249333 for CVE-2025-39707",
"url": "https://bugzilla.suse.com/1249333"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39707"
},
{
"cve": "CVE-2025-39711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ivsc: Fix crash at shutdown due to missing mei_cldev_disable() calls\n\nBoth the ACE and CSI driver are missing a mei_cldev_disable() call in\ntheir remove() function.\n\nThis causes the mei_cl client to stay part of the mei_device-\u003efile_list\nlist even though its memory is freed by mei_cl_bus_dev_release() calling\nkfree(cldev-\u003ecl).\n\nThis leads to a use-after-free when mei_vsc_remove() runs mei_stop()\nwhich first removes all mei bus devices calling mei_ace_remove() and\nmei_csi_remove() followed by mei_cl_bus_dev_release() and then calls\nmei_cl_all_disconnect() which walks over mei_device-\u003efile_list dereferecing\nthe just freed cldev-\u003ecl.\n\nAnd mei_vsc_remove() it self is run at shutdown because of the\nplatform_device_unregister(tp-\u003epdev) in vsc_tp_shutdown()\n\nWhen building a kernel with KASAN this leads to the following KASAN report:\n\n[ 106.634504] ==================================================================\n[ 106.634623] BUG: KASAN: slab-use-after-free in mei_cl_set_disconnected (drivers/misc/mei/client.c:783) mei\n[ 106.634683] Read of size 4 at addr ffff88819cb62018 by task systemd-shutdow/1\n[ 106.634729]\n[ 106.634767] Tainted: [E]=UNSIGNED_MODULE\n[ 106.634770] Hardware name: Dell Inc. XPS 16 9640/09CK4V, BIOS 1.12.0 02/10/2025\n[ 106.634773] Call Trace:\n[ 106.634777] \u003cTASK\u003e\n...\n[ 106.634871] kasan_report (mm/kasan/report.c:221 mm/kasan/report.c:636)\n[ 106.634901] mei_cl_set_disconnected (drivers/misc/mei/client.c:783) mei\n[ 106.634921] mei_cl_all_disconnect (drivers/misc/mei/client.c:2165 (discriminator 4)) mei\n[ 106.634941] mei_reset (drivers/misc/mei/init.c:163) mei\n...\n[ 106.635042] mei_stop (drivers/misc/mei/init.c:348) mei\n[ 106.635062] mei_vsc_remove (drivers/misc/mei/mei_dev.h:784 drivers/misc/mei/platform-vsc.c:393) mei_vsc\n[ 106.635066] platform_remove (drivers/base/platform.c:1424)\n\nAdd the missing mei_cldev_disable() calls so that the mei_cl gets removed\nfrom mei_device-\u003efile_list before it is freed to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39711",
"url": "https://www.suse.com/security/cve/CVE-2025-39711"
},
{
"category": "external",
"summary": "SUSE Bug 1249274 for CVE-2025-39711",
"url": "https://bugzilla.suse.com/1249274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39711"
},
{
"cve": "CVE-2025-39718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Validate length in packet header before skb_put()\n\nWhen receiving a vsock packet in the guest, only the virtqueue buffer\nsize is validated prior to virtio_vsock_skb_rx_put(). Unfortunately,\nvirtio_vsock_skb_rx_put() uses the length from the packet header as the\nlength argument to skb_put(), potentially resulting in SKB overflow if\nthe host has gone wonky.\n\nValidate the length as advertised by the packet header before calling\nvirtio_vsock_skb_rx_put().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39718",
"url": "https://www.suse.com/security/cve/CVE-2025-39718"
},
{
"category": "external",
"summary": "SUSE Bug 1249305 for CVE-2025-39718",
"url": "https://bugzilla.suse.com/1249305"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39718"
},
{
"cve": "CVE-2025-39738",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39738"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not allow relocation of partially dropped subvolumes\n\n[BUG]\nThere is an internal report that balance triggered transaction abort,\nwith the following call trace:\n\n item 85 key (594509824 169 0) itemoff 12599 itemsize 33\n extent refs 1 gen 197740 flags 2\n ref#0: tree block backref root 7\n item 86 key (594558976 169 0) itemoff 12566 itemsize 33\n extent refs 1 gen 197522 flags 2\n ref#0: tree block backref root 7\n ...\n BTRFS error (device loop0): extent item not found for insert, bytenr 594526208 num_bytes 16384 parent 449921024 root_objectid 934 owner 1 offset 0\n BTRFS error (device loop0): failed to run delayed ref for logical 594526208 num_bytes 16384 type 182 action 1 ref_mod 1: -117\n ------------[ cut here ]------------\n BTRFS: Transaction aborted (error -117)\n WARNING: CPU: 1 PID: 6963 at ../fs/btrfs/extent-tree.c:2168 btrfs_run_delayed_refs+0xfa/0x110 [btrfs]\n\nAnd btrfs check doesn\u0027t report anything wrong related to the extent\ntree.\n\n[CAUSE]\nThe cause is a little complex, firstly the extent tree indeed doesn\u0027t\nhave the backref for 594526208.\n\nThe extent tree only have the following two backrefs around that bytenr\non-disk:\n\n item 65 key (594509824 METADATA_ITEM 0) itemoff 13880 itemsize 33\n refs 1 gen 197740 flags TREE_BLOCK\n tree block skinny level 0\n (176 0x7) tree block backref root CSUM_TREE\n item 66 key (594558976 METADATA_ITEM 0) itemoff 13847 itemsize 33\n refs 1 gen 197522 flags TREE_BLOCK\n tree block skinny level 0\n (176 0x7) tree block backref root CSUM_TREE\n\nBut the such missing backref item is not an corruption on disk, as the\noffending delayed ref belongs to subvolume 934, and that subvolume is\nbeing dropped:\n\n item 0 key (934 ROOT_ITEM 198229) itemoff 15844 itemsize 439\n generation 198229 root_dirid 256 bytenr 10741039104 byte_limit 0 bytes_used 345571328\n last_snapshot 198229 flags 0x1000000000001(RDONLY) refs 0\n drop_progress key (206324 EXTENT_DATA 2711650304) drop_level 2\n level 2 generation_v2 198229\n\nAnd that offending tree block 594526208 is inside the dropped range of\nthat subvolume. That explains why there is no backref item for that\nbytenr and why btrfs check is not reporting anything wrong.\n\nBut this also shows another problem, as btrfs will do all the orphan\nsubvolume cleanup at a read-write mount.\n\nSo half-dropped subvolume should not exist after an RW mount, and\nbalance itself is also exclusive to subvolume cleanup, meaning we\nshouldn\u0027t hit a subvolume half-dropped during relocation.\n\nThe root cause is, there is no orphan item for this subvolume.\nIn fact there are 5 subvolumes from around 2021 that have the same\nproblem.\n\nIt looks like the original report has some older kernels running, and\ncaused those zombie subvolumes.\n\nThankfully upstream commit 8d488a8c7ba2 (\"btrfs: fix subvolume/snapshot\ndeletion not triggered on mount\") has long fixed the bug.\n\n[ENHANCEMENT]\nFor repairing such old fs, btrfs-progs will be enhanced.\n\nConsidering how delayed the problem will show up (at run delayed ref\ntime) and at that time we have to abort transaction already, it is too\nlate.\n\nInstead here we reject any half-dropped subvolume for reloc tree at the\nearliest time, preventing confusion and extra time wasted on debugging\nsimilar bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39738",
"url": "https://www.suse.com/security/cve/CVE-2025-39738"
},
{
"category": "external",
"summary": "SUSE Bug 1249540 for CVE-2025-39738",
"url": "https://bugzilla.suse.com/1249540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39738"
},
{
"cve": "CVE-2025-39744",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39744"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Fix rcu_read_unlock() deadloop due to IRQ work\n\nDuring rcu_read_unlock_special(), if this happens during irq_exit(), we\ncan lockup if an IPI is issued. This is because the IPI itself triggers\nthe irq_exit() path causing a recursive lock up.\n\nThis is precisely what Xiongfeng found when invoking a BPF program on\nthe trace_tick_stop() tracepoint As shown in the trace below. Fix by\nmanaging the irq_work state correctly.\n\nirq_exit()\n __irq_exit_rcu()\n /* in_hardirq() returns false after this */\n preempt_count_sub(HARDIRQ_OFFSET)\n tick_irq_exit()\n tick_nohz_irq_exit()\n\t tick_nohz_stop_sched_tick()\n\t trace_tick_stop() /* a bpf prog is hooked on this trace point */\n\t\t __bpf_trace_tick_stop()\n\t\t bpf_trace_run2()\n\t\t\t rcu_read_unlock_special()\n /* will send a IPI to itself */\n\t\t\t irq_work_queue_on(\u0026rdp-\u003edefer_qs_iw, rdp-\u003ecpu);\n\nA simple reproducer can also be obtained by doing the following in\ntick_irq_exit(). It will hang on boot without the patch:\n\n static inline void tick_irq_exit(void)\n {\n +\trcu_read_lock();\n +\tWRITE_ONCE(current-\u003ercu_read_unlock_special.b.need_qs, true);\n +\trcu_read_unlock();\n +\n\n[neeraj: Apply Frederic\u0027s suggested fix for PREEMPT_RT]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39744",
"url": "https://www.suse.com/security/cve/CVE-2025-39744"
},
{
"category": "external",
"summary": "SUSE Bug 1249494 for CVE-2025-39744",
"url": "https://bugzilla.suse.com/1249494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39744"
},
{
"cve": "CVE-2025-39746",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39746"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath10k: shutdown driver when hardware is unreliable\n\nIn rare cases, ath10k may lose connection with the PCIe bus due to\nsome unknown reasons, which could further lead to system crashes during\nresuming due to watchdog timeout:\n\nath10k_pci 0000:01:00.0: wmi command 20486 timeout, restarting hardware\nath10k_pci 0000:01:00.0: already restarting\nath10k_pci 0000:01:00.0: failed to stop WMI vdev 0: -11\nath10k_pci 0000:01:00.0: failed to stop vdev 0: -11\nieee80211 phy0: PM: **** DPM device timeout ****\nCall Trace:\n panic+0x125/0x315\n dpm_watchdog_set+0x54/0x54\n dpm_watchdog_handler+0x57/0x57\n call_timer_fn+0x31/0x13c\n\nAt this point, all WMI commands will timeout and attempt to restart\ndevice. So set a threshold for consecutive restart failures. If the\nthreshold is exceeded, consider the hardware is unreliable and all\nath10k operations should be skipped to avoid system crash.\n\nfail_cont_count and pending_recovery are atomic variables, and\ndo not involve complex conditional logic. Therefore, even if recovery\ncheck and reconfig complete are executed concurrently, the recovery\nmechanism will not be broken.\n\nTested-on: QCA6174 hw3.2 PCI WLAN.RM.4.4.1-00288-QCARMSWPZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39746",
"url": "https://www.suse.com/security/cve/CVE-2025-39746"
},
{
"category": "external",
"summary": "SUSE Bug 1249516 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249516"
},
{
"category": "external",
"summary": "SUSE Bug 1249517 for CVE-2025-39746",
"url": "https://bugzilla.suse.com/1249517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39746"
},
{
"cve": "CVE-2025-39747",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39747"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm: Add error handling for krealloc in metadata setup\n\nFunction msm_ioctl_gem_info_set_metadata() now checks for krealloc\nfailure and returns -ENOMEM, avoiding potential NULL pointer dereference.\nExplicitly avoids __GFP_NOFAIL due to deadlock risks and allocation constraints.\n\nPatchwork: https://patchwork.freedesktop.org/patch/661235/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39747",
"url": "https://www.suse.com/security/cve/CVE-2025-39747"
},
{
"category": "external",
"summary": "SUSE Bug 1249566 for CVE-2025-39747",
"url": "https://bugzilla.suse.com/1249566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39747"
},
{
"cve": "CVE-2025-39749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu: Protect -\u003edefer_qs_iw_pending from data race\n\nOn kernels built with CONFIG_IRQ_WORK=y, when rcu_read_unlock() is\ninvoked within an interrupts-disabled region of code [1], it will invoke\nrcu_read_unlock_special(), which uses an irq-work handler to force the\nsystem to notice when the RCU read-side critical section actually ends.\nThat end won\u0027t happen until interrupts are enabled at the soonest.\n\nIn some kernels, such as those booted with rcutree.use_softirq=y, the\nirq-work handler is used unconditionally.\n\nThe per-CPU rcu_data structure\u0027s -\u003edefer_qs_iw_pending field is\nupdated by the irq-work handler and is both read and updated by\nrcu_read_unlock_special(). This resulted in the following KCSAN splat:\n\n------------------------------------------------------------------------\n\nBUG: KCSAN: data-race in rcu_preempt_deferred_qs_handler / rcu_read_unlock_special\n\nread to 0xffff96b95f42d8d8 of 1 bytes by task 90 on cpu 8:\n rcu_read_unlock_special+0x175/0x260\n __rcu_read_unlock+0x92/0xa0\n rt_spin_unlock+0x9b/0xc0\n __local_bh_enable+0x10d/0x170\n __local_bh_enable_ip+0xfb/0x150\n rcu_do_batch+0x595/0xc40\n rcu_cpu_kthread+0x4e9/0x830\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nwrite to 0xffff96b95f42d8d8 of 1 bytes by task 88 on cpu 8:\n rcu_preempt_deferred_qs_handler+0x1e/0x30\n irq_work_single+0xaf/0x160\n run_irq_workd+0x91/0xc0\n smpboot_thread_fn+0x24d/0x3b0\n kthread+0x3bd/0x410\n ret_from_fork+0x35/0x40\n ret_from_fork_asm+0x1a/0x30\n\nno locks held by irq_work/8/88.\nirq event stamp: 200272\nhardirqs last enabled at (200272): [\u003cffffffffb0f56121\u003e] finish_task_switch+0x131/0x320\nhardirqs last disabled at (200271): [\u003cffffffffb25c7859\u003e] __schedule+0x129/0xd70\nsoftirqs last enabled at (0): [\u003cffffffffb0ee093f\u003e] copy_process+0x4df/0x1cc0\nsoftirqs last disabled at (0): [\u003c0000000000000000\u003e] 0x0\n\n------------------------------------------------------------------------\n\nThe problem is that irq-work handlers run with interrupts enabled, which\nmeans that rcu_preempt_deferred_qs_handler() could be interrupted,\nand that interrupt handler might contain an RCU read-side critical\nsection, which might invoke rcu_read_unlock_special(). In the strict\nKCSAN mode of operation used by RCU, this constitutes a data race on\nthe -\u003edefer_qs_iw_pending field.\n\nThis commit therefore disables interrupts across the portion of the\nrcu_preempt_deferred_qs_handler() that updates the -\u003edefer_qs_iw_pending\nfield. This suffices because this handler is not a fast path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39749",
"url": "https://www.suse.com/security/cve/CVE-2025-39749"
},
{
"category": "external",
"summary": "SUSE Bug 1249533 for CVE-2025-39749",
"url": "https://bugzilla.suse.com/1249533"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39749"
},
{
"cve": "CVE-2025-39754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/smaps: fix race between smaps_hugetlb_range and migration\n\nsmaps_hugetlb_range() handles the pte without holdling ptl, and may be\nconcurrenct with migration, leaing to BUG_ON in pfn_swap_entry_to_page(). \nThe race is as follows.\n\nsmaps_hugetlb_range migrate_pages\n huge_ptep_get\n remove_migration_ptes\n\t\t\t\t folio_unlock\n pfn_swap_entry_folio\n BUG_ON\n\nTo fix it, hold ptl lock in smaps_hugetlb_range().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39754",
"url": "https://www.suse.com/security/cve/CVE-2025-39754"
},
{
"category": "external",
"summary": "SUSE Bug 1249524 for CVE-2025-39754",
"url": "https://bugzilla.suse.com/1249524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39754"
},
{
"cve": "CVE-2025-39764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: remove refcounting in expectation dumpers\n\nSame pattern as previous patch: do not keep the expectation object\nalive via refcount, only store a cookie value and then use that\nas the skip hint for dump resumption.\n\nAFAICS this has the same issue as the one resolved in the conntrack\ndumper, when we do\n if (!refcount_inc_not_zero(\u0026exp-\u003euse))\n\nto increment the refcount, there is a chance that exp == last, which\ncauses a double-increment of the refcount and subsequent memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39764",
"url": "https://www.suse.com/security/cve/CVE-2025-39764"
},
{
"category": "external",
"summary": "SUSE Bug 1249513 for CVE-2025-39764",
"url": "https://bugzilla.suse.com/1249513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39764"
},
{
"cve": "CVE-2025-39766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit\n\nThe following setup can trigger a WARNING in htb_activate due to\nthe condition: !cl-\u003eleaf.q-\u003eq.qlen\n\ntc qdisc del dev lo root\ntc qdisc add dev lo root handle 1: htb default 1\ntc class add dev lo parent 1: classid 1:1 \\\n htb rate 64bit\ntc qdisc add dev lo parent 1:1 handle f: \\\n cake memlimit 1b\nping -I lo -f -c1 -s64 -W0.001 127.0.0.1\n\nThis is because the low memlimit leads to a low buffer_limit, which\ncauses packet dropping. However, cake_enqueue still returns\nNET_XMIT_SUCCESS, causing htb_enqueue to call htb_activate with an\nempty child qdisc. We should return NET_XMIT_CN when packets are\ndropped from the same tin and flow.\n\nI do not believe return value of NET_XMIT_CN is necessary for packet\ndrops in the case of ack filtering, as that is meant to optimize\nperformance, not to signal congestion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39766",
"url": "https://www.suse.com/security/cve/CVE-2025-39766"
},
{
"category": "external",
"summary": "SUSE Bug 1249510 for CVE-2025-39766",
"url": "https://bugzilla.suse.com/1249510"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39766"
},
{
"cve": "CVE-2025-39770",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39770"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM\n\nWhen performing Generic Segmentation Offload (GSO) on an IPv6 packet that\ncontains extension headers, the kernel incorrectly requests checksum offload\nif the egress device only advertises NETIF_F_IPV6_CSUM feature, which has\na strict contract: it supports checksum offload only for plain TCP or UDP\nover IPv6 and explicitly does not support packets with extension headers.\nThe current GSO logic violates this contract by failing to disable the feature\nfor packets with extension headers, such as those used in GREoIPv6 tunnels.\n\nThis violation results in the device being asked to perform an operation\nit cannot support, leading to a `skb_warn_bad_offload` warning and a collapse\nof network throughput. While device TSO/USO is correctly bypassed in favor\nof software GSO for these packets, the GSO stack must be explicitly told not\nto request checksum offload.\n\nMask NETIF_F_IPV6_CSUM, NETIF_F_TSO6 and NETIF_F_GSO_UDP_L4\nin gso_features_check if the IPv6 header contains extension headers to compute\nchecksum in software.\n\nThe exception is a BIG TCP extension, which, as stated in commit\n68e068cabd2c6c53 (\"net: reenable NETIF_F_IPV6_CSUM offload for BIG TCP packets\"):\n\"The feature is only enabled on devices that support BIG TCP TSO.\nThe header is only present for PF_PACKET taps like tcpdump,\nand not transmitted by physical devices.\"\n\nkernel log output (truncated):\nWARNING: CPU: 1 PID: 5273 at net/core/dev.c:3535 skb_warn_bad_offload+0x81/0x140\n...\nCall Trace:\n \u003cTASK\u003e\n skb_checksum_help+0x12a/0x1f0\n validate_xmit_skb+0x1a3/0x2d0\n validate_xmit_skb_list+0x4f/0x80\n sch_direct_xmit+0x1a2/0x380\n __dev_xmit_skb+0x242/0x670\n __dev_queue_xmit+0x3fc/0x7f0\n ip6_finish_output2+0x25e/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_tnl_xmit+0x608/0xc00 [ip6_tunnel]\n ip6gre_tunnel_xmit+0x1c0/0x390 [ip6_gre]\n dev_hard_start_xmit+0x63/0x1c0\n __dev_queue_xmit+0x6d0/0x7f0\n ip6_finish_output2+0x214/0x5d0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n ip6_finish_output+0x1fc/0x3f0\n ip6_xmit+0x2ca/0x6f0\n inet6_csk_xmit+0xeb/0x150\n __tcp_transmit_skb+0x555/0xa80\n tcp_write_xmit+0x32a/0xe90\n tcp_sendmsg_locked+0x437/0x1110\n tcp_sendmsg+0x2f/0x50\n...\nskb linear: 00000000: e4 3d 1a 7d ec 30 e4 3d 1a 7e 5d 90 86 dd 60 0e\nskb linear: 00000010: 00 0a 1b 34 3c 40 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000020: 00 00 00 00 00 12 20 11 00 00 00 00 00 00 00 00\nskb linear: 00000030: 00 00 00 00 00 11 2f 00 04 01 04 01 01 00 00 00\nskb linear: 00000040: 86 dd 60 0e 00 0a 1b 00 06 40 20 23 00 00 00 00\nskb linear: 00000050: 00 00 00 00 00 00 00 00 00 12 20 23 00 00 00 00\nskb linear: 00000060: 00 00 00 00 00 00 00 00 00 11 bf 96 14 51 13 f9\nskb linear: 00000070: ae 27 a0 a8 2b e3 80 18 00 40 5b 6f 00 00 01 01\nskb linear: 00000080: 08 0a 42 d4 50 d5 4b 70 f8 1a",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39770",
"url": "https://www.suse.com/security/cve/CVE-2025-39770"
},
{
"category": "external",
"summary": "SUSE Bug 1249508 for CVE-2025-39770",
"url": "https://bugzilla.suse.com/1249508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39770"
},
{
"cve": "CVE-2025-39773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bridge: fix soft lockup in br_multicast_query_expired()\n\nWhen set multicast_query_interval to a large value, the local variable\n\u0027time\u0027 in br_multicast_send_query() may overflow. If the time is smaller\nthan jiffies, the timer will expire immediately, and then call mod_timer()\nagain, which creates a loop and may trigger the following soft lockup\nissue.\n\n watchdog: BUG: soft lockup - CPU#1 stuck for 221s! [rb_consumer:66]\n CPU: 1 UID: 0 PID: 66 Comm: rb_consumer Not tainted 6.16.0+ #259 PREEMPT(none)\n Call Trace:\n \u003cIRQ\u003e\n __netdev_alloc_skb+0x2e/0x3a0\n br_ip6_multicast_alloc_query+0x212/0x1b70\n __br_multicast_send_query+0x376/0xac0\n br_multicast_send_query+0x299/0x510\n br_multicast_query_expired.constprop.0+0x16d/0x1b0\n call_timer_fn+0x3b/0x2a0\n __run_timers+0x619/0x950\n run_timer_softirq+0x11c/0x220\n handle_softirqs+0x18e/0x560\n __irq_exit_rcu+0x158/0x1a0\n sysvec_apic_timer_interrupt+0x76/0x90\n \u003c/IRQ\u003e\n\nThis issue can be reproduced with:\n ip link add br0 type bridge\n echo 1 \u003e /sys/class/net/br0/bridge/multicast_querier\n echo 0xffffffffffffffff \u003e\n \t/sys/class/net/br0/bridge/multicast_query_interval\n ip link set dev br0 up\n\nThe multicast_startup_query_interval can also cause this issue. Similar to\nthe commit 99b40610956a (\"net: bridge: mcast: add and enforce query\ninterval minimum\"), add check for the query interval maximum to fix this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39773",
"url": "https://www.suse.com/security/cve/CVE-2025-39773"
},
{
"category": "external",
"summary": "SUSE Bug 1249504 for CVE-2025-39773",
"url": "https://bugzilla.suse.com/1249504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39773"
},
{
"cve": "CVE-2025-39782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njbd2: prevent softlockup in jbd2_log_do_checkpoint()\n\nBoth jbd2_log_do_checkpoint() and jbd2_journal_shrink_checkpoint_list()\nperiodically release j_list_lock after processing a batch of buffers to\navoid long hold times on the j_list_lock. However, since both functions\ncontend for j_list_lock, the combined time spent waiting and processing\ncan be significant.\n\njbd2_journal_shrink_checkpoint_list() explicitly calls cond_resched() when\nneed_resched() is true to avoid softlockups during prolonged operations.\nBut jbd2_log_do_checkpoint() only exits its loop when need_resched() is\ntrue, relying on potentially sleeping functions like __flush_batch() or\nwait_on_buffer() to trigger rescheduling. If those functions do not sleep,\nthe kernel may hit a softlockup.\n\nwatchdog: BUG: soft lockup - CPU#3 stuck for 156s! [kworker/u129:2:373]\nCPU: 3 PID: 373 Comm: kworker/u129:2 Kdump: loaded Not tainted 6.6.0+ #10\nHardware name: Huawei TaiShan 2280 /BC11SPCD, BIOS 1.27 06/13/2017\nWorkqueue: writeback wb_workfn (flush-7:2)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : native_queued_spin_lock_slowpath+0x358/0x418\nlr : jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\nCall trace:\n native_queued_spin_lock_slowpath+0x358/0x418\n jbd2_log_do_checkpoint+0x31c/0x438 [jbd2]\n __jbd2_log_wait_for_space+0xfc/0x2f8 [jbd2]\n add_transaction_credits+0x3bc/0x418 [jbd2]\n start_this_handle+0xf8/0x560 [jbd2]\n jbd2__journal_start+0x118/0x228 [jbd2]\n __ext4_journal_start_sb+0x110/0x188 [ext4]\n ext4_do_writepages+0x3dc/0x740 [ext4]\n ext4_writepages+0xa4/0x190 [ext4]\n do_writepages+0x94/0x228\n __writeback_single_inode+0x48/0x318\n writeback_sb_inodes+0x204/0x590\n __writeback_inodes_wb+0x54/0xf8\n wb_writeback+0x2cc/0x3d8\n wb_do_writeback+0x2e0/0x2f8\n wb_workfn+0x80/0x2a8\n process_one_work+0x178/0x3e8\n worker_thread+0x234/0x3b8\n kthread+0xf0/0x108\n ret_from_fork+0x10/0x20\n\nSo explicitly call cond_resched() in jbd2_log_do_checkpoint() to avoid\nsoftlockup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39782",
"url": "https://www.suse.com/security/cve/CVE-2025-39782"
},
{
"category": "external",
"summary": "SUSE Bug 1249526 for CVE-2025-39782",
"url": "https://bugzilla.suse.com/1249526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39782"
},
{
"cve": "CVE-2025-39787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: mdt_loader: Ensure we don\u0027t read past the ELF header\n\nWhen the MDT loader is used in remoteproc, the ELF header is sanitized\nbeforehand, but that\u0027s not necessary the case for other clients.\n\nValidate the size of the firmware buffer to ensure that we don\u0027t read\npast the end as we iterate over the header. e_phentsize and e_shentsize\nare validated as well, to ensure that the assumptions about step size in\nthe traversal are valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39787",
"url": "https://www.suse.com/security/cve/CVE-2025-39787"
},
{
"category": "external",
"summary": "SUSE Bug 1249545 for CVE-2025-39787",
"url": "https://bugzilla.suse.com/1249545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39787"
},
{
"cve": "CVE-2025-39797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39797",
"url": "https://www.suse.com/security/cve/CVE-2025-39797"
},
{
"category": "external",
"summary": "SUSE Bug 1249608 for CVE-2025-39797",
"url": "https://bugzilla.suse.com/1249608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39797"
},
{
"cve": "CVE-2025-39807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add error handling for old state CRTC in atomic_disable\n\nIntroduce error handling to address an issue where, after a hotplug\nevent, the cursor continues to update. This situation can lead to a\nkernel panic due to accessing the NULL `old_state-\u003ecrtc`.\n\nE,g.\nUnable to handle kernel NULL pointer dereference at virtual address\nCall trace:\n mtk_crtc_plane_disable+0x24/0x140\n mtk_plane_atomic_update+0x8c/0xa8\n drm_atomic_helper_commit_planes+0x114/0x2c8\n drm_atomic_helper_commit_tail_rpm+0x4c/0x158\n commit_tail+0xa0/0x168\n drm_atomic_helper_commit+0x110/0x120\n drm_atomic_commit+0x8c/0xe0\n drm_atomic_helper_update_plane+0xd4/0x128\n __setplane_atomic+0xcc/0x110\n drm_mode_cursor_common+0x250/0x440\n drm_mode_cursor_ioctl+0x44/0x70\n drm_ioctl+0x264/0x5d8\n __arm64_sys_ioctl+0xd8/0x510\n invoke_syscall+0x6c/0xe0\n do_el0_svc+0x68/0xe8\n el0_svc+0x34/0x60\n el0t_64_sync_handler+0x1c/0xf8\n el0t_64_sync+0x180/0x188\n\nAdding NULL pointer checks to ensure stability by preventing operations\non an invalid CRTC state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39807",
"url": "https://www.suse.com/security/cve/CVE-2025-39807"
},
{
"category": "external",
"summary": "SUSE Bug 1249887 for CVE-2025-39807",
"url": "https://bugzilla.suse.com/1249887"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39807"
},
{
"cve": "CVE-2025-39811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/xe/vm: Clear the scratch_pt pointer on error\n\nAvoid triggering a dereference of an error pointer on cleanup in\nxe_vm_free_scratch() by clearing any scratch_pt error pointer.\n\n(cherry picked from commit 358ee50ab565f3c8ea32480e9d03127a81ba32f8)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39811",
"url": "https://www.suse.com/security/cve/CVE-2025-39811"
},
{
"category": "external",
"summary": "SUSE Bug 1249915 for CVE-2025-39811",
"url": "https://bugzilla.suse.com/1249915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39811"
},
{
"cve": "CVE-2025-39816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths\n\nSince the buffers are mapped from userspace, it is prudent to use\nREAD_ONCE() to read the value into a local variable, and use that for\nany other actions taken. Having a stable read of the buffer length\navoids worrying about it changing after checking, or being read multiple\ntimes.\n\nSimilarly, the buffer may well change in between it being picked and\nbeing committed. Ensure the looping for incremental ring buffer commit\nstops if it hits a zero sized buffer, as no further progress can be made\nat that point.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39816",
"url": "https://www.suse.com/security/cve/CVE-2025-39816"
},
{
"category": "external",
"summary": "SUSE Bug 1249906 for CVE-2025-39816",
"url": "https://bugzilla.suse.com/1249906"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39816"
},
{
"cve": "CVE-2025-39823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: use array_index_nospec with indices that come from guest\n\nmin and dest_id are guest-controlled indices. Using array_index_nospec()\nafter the bounds checks clamps these values to mitigate speculative execution\nside-channels.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39823",
"url": "https://www.suse.com/security/cve/CVE-2025-39823"
},
{
"category": "external",
"summary": "SUSE Bug 1250002 for CVE-2025-39823",
"url": "https://bugzilla.suse.com/1250002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39823"
},
{
"cve": "CVE-2025-39825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix race with concurrent opens in rename(2)\n\nBesides sending the rename request to the server, the rename process\nalso involves closing any deferred close, waiting for outstanding I/O\nto complete as well as marking all existing open handles as deleted to\nprevent them from deferring closes, which increases the race window\nfor potential concurrent opens on the target file.\n\nFix this by unhashing the dentry in advance to prevent any concurrent\nopens on the target.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39825",
"url": "https://www.suse.com/security/cve/CVE-2025-39825"
},
{
"category": "external",
"summary": "SUSE Bug 1250179 for CVE-2025-39825",
"url": "https://bugzilla.suse.com/1250179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39825"
},
{
"cve": "CVE-2025-39830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path\n\nIn the error path of hws_pool_buddy_init(), the buddy allocator cleanup\ndoesn\u0027t free the allocator structure itself, causing a memory leak.\n\nAdd the missing kfree() to properly release all allocated memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39830",
"url": "https://www.suse.com/security/cve/CVE-2025-39830"
},
{
"category": "external",
"summary": "SUSE Bug 1249974 for CVE-2025-39830",
"url": "https://bugzilla.suse.com/1249974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39830"
},
{
"cve": "CVE-2025-39834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow\n\nWhen an invalid stc_type is provided, the function allocates memory for\nshared_stc but jumps to unlock_and_out without freeing it, causing a\nmemory leak.\n\nFix by jumping to free_shared_stc label instead to ensure proper cleanup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39834",
"url": "https://www.suse.com/security/cve/CVE-2025-39834"
},
{
"category": "external",
"summary": "SUSE Bug 1250021 for CVE-2025-39834",
"url": "https://bugzilla.suse.com/1250021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39834"
},
{
"cve": "CVE-2025-39835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: do not propagate ENODATA disk errors into xattr code\n\nENODATA (aka ENOATTR) has a very specific meaning in the xfs xattr code;\nnamely, that the requested attribute name could not be found.\n\nHowever, a medium error from disk may also return ENODATA. At best,\nthis medium error may escape to userspace as \"attribute not found\"\nwhen in fact it\u0027s an IO (disk) error.\n\nAt worst, we may oops in xfs_attr_leaf_get() when we do:\n\n\terror = xfs_attr_leaf_hasname(args, \u0026bp);\n\tif (error == -ENOATTR) {\n\t\txfs_trans_brelse(args-\u003etrans, bp);\n\t\treturn error;\n\t}\n\nbecause an ENODATA/ENOATTR error from disk leaves us with a null bp,\nand the xfs_trans_brelse will then null-deref it.\n\nAs discussed on the list, we really need to modify the lower level\nIO functions to trap all disk errors and ensure that we don\u0027t let\nunique errors like this leak up into higher xfs functions - many\nlike this should be remapped to EIO.\n\nHowever, this patch directly addresses a reported bug in the xattr\ncode, and should be safe to backport to stable kernels. A larger-scope\npatch to handle more unique errors at lower levels can follow later.\n\n(Note, prior to 07120f1abdff we did not oops, but we did return the\nwrong error code to userspace.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39835",
"url": "https://www.suse.com/security/cve/CVE-2025-39835"
},
{
"category": "external",
"summary": "SUSE Bug 1250025 for CVE-2025-39835",
"url": "https://bugzilla.suse.com/1250025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39835"
},
{
"cve": "CVE-2025-39838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent NULL pointer dereference in UTF16 conversion\n\nThere can be a NULL pointer dereference bug here. NULL is passed to\n__cifs_sfu_make_node without checks, which passes it unchecked to\ncifs_strndup_to_utf16, which in turn passes it to\ncifs_local_to_utf16_bytes where \u0027*from\u0027 is dereferenced, causing a crash.\n\nThis patch adds a check for NULL \u0027src\u0027 in cifs_strndup_to_utf16 and\nreturns NULL early to prevent dereferencing NULL pointer.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39838",
"url": "https://www.suse.com/security/cve/CVE-2025-39838"
},
{
"category": "external",
"summary": "SUSE Bug 1250365 for CVE-2025-39838",
"url": "https://bugzilla.suse.com/1250365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39838"
},
{
"cve": "CVE-2025-39842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: prevent release journal inode after journal shutdown\n\nBefore calling ocfs2_delete_osb(), ocfs2_journal_shutdown() has already\nbeen executed in ocfs2_dismount_volume(), so osb-\u003ejournal must be NULL. \nTherefore, the following calltrace will inevitably fail when it reaches\njbd2_journal_release_jbd_inode().\n\nocfs2_dismount_volume()-\u003e\n ocfs2_delete_osb()-\u003e\n ocfs2_free_slot_info()-\u003e\n __ocfs2_free_slot_info()-\u003e\n evict()-\u003e\n ocfs2_evict_inode()-\u003e\n ocfs2_clear_inode()-\u003e\n\t jbd2_journal_release_jbd_inode(osb-\u003ejournal-\u003ej_journal,\n\nAdding osb-\u003ejournal checks will prevent null-ptr-deref during the above\nexecution path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39842",
"url": "https://www.suse.com/security/cve/CVE-2025-39842"
},
{
"category": "external",
"summary": "SUSE Bug 1250267 for CVE-2025-39842",
"url": "https://bugzilla.suse.com/1250267"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39842"
},
{
"cve": "CVE-2025-39857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync()\n\nBUG: kernel NULL pointer dereference, address: 00000000000002ec\nPGD 0 P4D 0\nOops: Oops: 0000 [#1] SMP PTI\nCPU: 28 UID: 0 PID: 343 Comm: kworker/28:1 Kdump: loaded Tainted: G OE 6.17.0-rc2+ #9 NONE\nTainted: [O]=OOT_MODULE, [E]=UNSIGNED_MODULE\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\nWorkqueue: smc_hs_wq smc_listen_work [smc]\nRIP: 0010:smc_ib_is_sg_need_sync+0x9e/0xd0 [smc]\n...\nCall Trace:\n \u003cTASK\u003e\n smcr_buf_map_link+0x211/0x2a0 [smc]\n __smc_buf_create+0x522/0x970 [smc]\n smc_buf_create+0x3a/0x110 [smc]\n smc_find_rdma_v2_device_serv+0x18f/0x240 [smc]\n ? smc_vlan_by_tcpsk+0x7e/0xe0 [smc]\n smc_listen_find_device+0x1dd/0x2b0 [smc]\n smc_listen_work+0x30f/0x580 [smc]\n process_one_work+0x18c/0x340\n worker_thread+0x242/0x360\n kthread+0xe7/0x220\n ret_from_fork+0x13a/0x160\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nIf the software RoCE device is used, ibdev-\u003edma_device is a null pointer.\nAs a result, the problem occurs. Null pointer detection is added to\nprevent problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39857",
"url": "https://www.suse.com/security/cve/CVE-2025-39857"
},
{
"category": "external",
"summary": "SUSE Bug 1250251 for CVE-2025-39857",
"url": "https://bugzilla.suse.com/1250251"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39857"
},
{
"cve": "CVE-2025-39865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: fix NULL pointer dereference in tee_shm_put\n\ntee_shm_put have NULL pointer dereference:\n\n__optee_disable_shm_cache --\u003e\n\tshm = reg_pair_to_ptr(...);//shm maybe return NULL\n tee_shm_free(shm); --\u003e\n\t\ttee_shm_put(shm);//crash\n\nAdd check in tee_shm_put to fix it.\n\npanic log:\nUnable to handle kernel paging request at virtual address 0000000000100cca\nMem abort info:\nESR = 0x0000000096000004\nEC = 0x25: DABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x04: level 0 translation fault\nData abort info:\nISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\nCM = 0, WnR = 0, TnD = 0, TagAccess = 0\nGCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=0000002049d07000\n[0000000000100cca] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 0000000096000004 [#1] SMP\nCPU: 2 PID: 14442 Comm: systemd-sleep Tainted: P OE ------- ----\n6.6.0-39-generic #38\nSource Version: 938b255f6cb8817c95b0dd5c8c2944acfce94b07\nHardware name: greatwall GW-001Y1A-FTH, BIOS Great Wall BIOS V3.0\n10/26/2022\npstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : tee_shm_put+0x24/0x188\nlr : tee_shm_free+0x14/0x28\nsp : ffff001f98f9faf0\nx29: ffff001f98f9faf0 x28: ffff0020df543cc0 x27: 0000000000000000\nx26: ffff001f811344a0 x25: ffff8000818dac00 x24: ffff800082d8d048\nx23: ffff001f850fcd18 x22: 0000000000000001 x21: ffff001f98f9fb88\nx20: ffff001f83e76218 x19: ffff001f83e761e0 x18: 000000000000ffff\nx17: 303a30303a303030 x16: 0000000000000000 x15: 0000000000000003\nx14: 0000000000000001 x13: 0000000000000000 x12: 0101010101010101\nx11: 0000000000000001 x10: 0000000000000001 x9 : ffff800080e08d0c\nx8 : ffff001f98f9fb88 x7 : 0000000000000000 x6 : 0000000000000000\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\nx2 : ffff001f83e761e0 x1 : 00000000ffff001f x0 : 0000000000100cca\nCall trace:\ntee_shm_put+0x24/0x188\ntee_shm_free+0x14/0x28\n__optee_disable_shm_cache+0xa8/0x108\noptee_shutdown+0x28/0x38\nplatform_shutdown+0x28/0x40\ndevice_shutdown+0x144/0x2b0\nkernel_power_off+0x3c/0x80\nhibernate+0x35c/0x388\nstate_store+0x64/0x80\nkobj_attr_store+0x14/0x28\nsysfs_kf_write+0x48/0x60\nkernfs_fop_write_iter+0x128/0x1c0\nvfs_write+0x270/0x370\nksys_write+0x6c/0x100\n__arm64_sys_write+0x20/0x30\ninvoke_syscall+0x4c/0x120\nel0_svc_common.constprop.0+0x44/0xf0\ndo_el0_svc+0x24/0x38\nel0_svc+0x24/0x88\nel0t_64_sync_handler+0x134/0x150\nel0t_64_sync+0x14c/0x15",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39865",
"url": "https://www.suse.com/security/cve/CVE-2025-39865"
},
{
"category": "external",
"summary": "SUSE Bug 1250294 for CVE-2025-39865",
"url": "https://bugzilla.suse.com/1250294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39865"
},
{
"cve": "CVE-2025-39885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix recursive semaphore deadlock in fiemap call\n\nsyzbot detected a OCFS2 hang due to a recursive semaphore on a\nFS_IOC_FIEMAP of the extent list on a specially crafted mmap file.\n\ncontext_switch kernel/sched/core.c:5357 [inline]\n __schedule+0x1798/0x4cc0 kernel/sched/core.c:6961\n __schedule_loop kernel/sched/core.c:7043 [inline]\n schedule+0x165/0x360 kernel/sched/core.c:7058\n schedule_preempt_disabled+0x13/0x30 kernel/sched/core.c:7115\n rwsem_down_write_slowpath+0x872/0xfe0 kernel/locking/rwsem.c:1185\n __down_write_common kernel/locking/rwsem.c:1317 [inline]\n __down_write kernel/locking/rwsem.c:1326 [inline]\n down_write+0x1ab/0x1f0 kernel/locking/rwsem.c:1591\n ocfs2_page_mkwrite+0x2ff/0xc40 fs/ocfs2/mmap.c:142\n do_page_mkwrite+0x14d/0x310 mm/memory.c:3361\n wp_page_shared mm/memory.c:3762 [inline]\n do_wp_page+0x268d/0x5800 mm/memory.c:3981\n handle_pte_fault mm/memory.c:6068 [inline]\n __handle_mm_fault+0x1033/0x5440 mm/memory.c:6195\n handle_mm_fault+0x40a/0x8e0 mm/memory.c:6364\n do_user_addr_fault+0x764/0x1390 arch/x86/mm/fault.c:1387\n handle_page_fault arch/x86/mm/fault.c:1476 [inline]\n exc_page_fault+0x76/0xf0 arch/x86/mm/fault.c:1532\n asm_exc_page_fault+0x26/0x30 arch/x86/include/asm/idtentry.h:623\nRIP: 0010:copy_user_generic arch/x86/include/asm/uaccess_64.h:126 [inline]\nRIP: 0010:raw_copy_to_user arch/x86/include/asm/uaccess_64.h:147 [inline]\nRIP: 0010:_inline_copy_to_user include/linux/uaccess.h:197 [inline]\nRIP: 0010:_copy_to_user+0x85/0xb0 lib/usercopy.c:26\nCode: e8 00 bc f7 fc 4d 39 fc 72 3d 4d 39 ec 77 38 e8 91 b9 f7 fc 4c 89\nf7 89 de e8 47 25 5b fd 0f 01 cb 4c 89 ff 48 89 d9 4c 89 f6 \u003cf3\u003e a4 0f\n1f 00 48 89 cb 0f 01 ca 48 89 d8 5b 41 5c 41 5d 41 5e 41\nRSP: 0018:ffffc9000403f950 EFLAGS: 00050256\nRAX: ffffffff84c7f101 RBX: 0000000000000038 RCX: 0000000000000038\nRDX: 0000000000000000 RSI: ffffc9000403f9e0 RDI: 0000200000000060\nRBP: ffffc9000403fa90 R08: ffffc9000403fa17 R09: 1ffff92000807f42\nR10: dffffc0000000000 R11: fffff52000807f43 R12: 0000200000000098\nR13: 00007ffffffff000 R14: ffffc9000403f9e0 R15: 0000200000000060\n copy_to_user include/linux/uaccess.h:225 [inline]\n fiemap_fill_next_extent+0x1c0/0x390 fs/ioctl.c:145\n ocfs2_fiemap+0x888/0xc90 fs/ocfs2/extent_map.c:806\n ioctl_fiemap fs/ioctl.c:220 [inline]\n do_vfs_ioctl+0x1173/0x1430 fs/ioctl.c:532\n __do_sys_ioctl fs/ioctl.c:596 [inline]\n __se_sys_ioctl+0x82/0x170 fs/ioctl.c:584\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f5f13850fd9\nRSP: 002b:00007ffe3b3518b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 0000200000000000 RCX: 00007f5f13850fd9\nRDX: 0000200000000040 RSI: 00000000c020660b RDI: 0000000000000004\nRBP: 6165627472616568 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe3b3518f0\nR13: 00007ffe3b351b18 R14: 431bde82d7b634db R15: 00007f5f1389a03b\n\nocfs2_fiemap() takes a read lock of the ip_alloc_sem semaphore (since\nv2.6.22-527-g7307de80510a) and calls fiemap_fill_next_extent() to read the\nextent list of this running mmap executable. The user supplied buffer to\nhold the fiemap information page faults calling ocfs2_page_mkwrite() which\nwill take a write lock (since v2.6.27-38-g00dc417fa3e7) of the same\nsemaphore. This recursive semaphore will hold filesystem locks and causes\na hang of the fileystem.\n\nThe ip_alloc_sem protects the inode extent list and size. Release the\nread semphore before calling fiemap_fill_next_extent() in ocfs2_fiemap()\nand ocfs2_fiemap_inline(). This does an unnecessary semaphore lock/unlock\non the last extent but simplifies the error path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39885",
"url": "https://www.suse.com/security/cve/CVE-2025-39885"
},
{
"category": "external",
"summary": "SUSE Bug 1250407 for CVE-2025-39885",
"url": "https://bugzilla.suse.com/1250407"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39885"
},
{
"cve": "CVE-2025-39890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix memory leak in ath12k_service_ready_ext_event\n\nCurrently, in ath12k_service_ready_ext_event(), svc_rdy_ext.mac_phy_caps\nis not freed in the failure case, causing a memory leak. The following\ntrace is observed in kmemleak:\n\nunreferenced object 0xffff8b3eb5789c00 (size 1024):\n comm \"softirq\", pid 0, jiffies 4294942577\n hex dump (first 32 bytes):\n 00 00 00 00 01 00 00 00 00 00 00 00 7b 00 00 10 ............{...\n 01 00 00 00 00 00 00 00 01 00 00 00 1f 38 00 00 .............8..\n backtrace (crc 44e1c357):\n __kmalloc_noprof+0x30b/0x410\n ath12k_wmi_mac_phy_caps_parse+0x84/0x100 [ath12k]\n ath12k_wmi_tlv_iter+0x5e/0x140 [ath12k]\n ath12k_wmi_svc_rdy_ext_parse+0x308/0x4c0 [ath12k]\n ath12k_wmi_tlv_iter+0x5e/0x140 [ath12k]\n ath12k_service_ready_ext_event.isra.0+0x44/0xd0 [ath12k]\n ath12k_wmi_op_rx+0x2eb/0xd70 [ath12k]\n ath12k_htc_rx_completion_handler+0x1f4/0x330 [ath12k]\n ath12k_ce_recv_process_cb+0x218/0x300 [ath12k]\n ath12k_pci_ce_workqueue+0x1b/0x30 [ath12k]\n process_one_work+0x219/0x680\n bh_worker+0x198/0x1f0\n tasklet_action+0x13/0x30\n handle_softirqs+0xca/0x460\n __irq_exit_rcu+0xbe/0x110\n irq_exit_rcu+0x9/0x30\n\nFree svc_rdy_ext.mac_phy_caps in the error case to fix this memory leak.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.4.1-00199-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39890",
"url": "https://www.suse.com/security/cve/CVE-2025-39890"
},
{
"category": "external",
"summary": "SUSE Bug 1250334 for CVE-2025-39890",
"url": "https://bugzilla.suse.com/1250334"
},
{
"category": "external",
"summary": "SUSE Bug 1250488 for CVE-2025-39890",
"url": "https://bugzilla.suse.com/1250488"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "important"
}
],
"title": "CVE-2025-39890"
},
{
"cve": "CVE-2025-39922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nixgbe: fix incorrect map used in eee linkmode\n\nincorrectly used ixgbe_lp_map in loops intended to populate the\nsupported and advertised EEE linkmode bitmaps based on ixgbe_ls_map.\nThis results in incorrect bit setting and potential out-of-bounds\naccess, since ixgbe_lp_map and ixgbe_ls_map have different sizes\nand purposes.\n\nixgbe_lp_map[i] -\u003e ixgbe_ls_map[i]\n\nUse ixgbe_ls_map for supported and advertised linkmodes, and keep\nixgbe_lp_map usage only for link partner (lp_advertised) mapping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39922",
"url": "https://www.suse.com/security/cve/CVE-2025-39922"
},
{
"category": "external",
"summary": "SUSE Bug 1250722 for CVE-2025-39922",
"url": "https://bugzilla.suse.com/1250722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-39922"
},
{
"cve": "CVE-2025-40300",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40300"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/vmscape: Add conditional IBPB mitigation\n\nVMSCAPE is a vulnerability that exploits insufficient branch predictor\nisolation between a guest and a userspace hypervisor (like QEMU). Existing\nmitigations already protect kernel/KVM from a malicious guest. Userspace\ncan additionally be protected by flushing the branch predictors after a\nVMexit.\n\nSince it is the userspace that consumes the poisoned branch predictors,\nconditionally issue an IBPB after a VMexit and before returning to\nuserspace. Workloads that frequently switch between hypervisor and\nuserspace will incur the most overhead from the new IBPB.\n\nThis new IBPB is not integrated with the existing IBPB sites. For\ninstance, a task can use the existing speculation control prctl() to\nget an IBPB at context switch time. With this implementation, the\nIBPB is doubled up: one at context switch and another before running\nuserspace.\n\nThe intent is to integrate and optimize these cases post-embargo.\n\n[ dhansen: elaborate on suboptimal IBPB solution ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40300",
"url": "https://www.suse.com/security/cve/CVE-2025-40300"
},
{
"category": "external",
"summary": "SUSE Bug 1249561 for CVE-2025-40300",
"url": "https://bugzilla.suse.com/1249561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:cluster-md-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:dlm-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:gfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise High Availability Extension 15 SP7:ocfs2-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-default-livepatch-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.ppc64le",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.s390x",
"SUSE Linux Enterprise Live Patching 15 SP7:kernel-livepatch-6_4_0-150700_53_19-default-1-150700.15.3.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-64kb-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-base-6.4.0-150700.53.19.1.150700.17.13.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-default-devel-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-devel-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-macros-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:kernel-zfcpdump-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-docs-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-obs-build-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-source-6.4.0-150700.53.19.1.noarch",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP7:kernel-syms-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.aarch64",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP7:reiserfs-kmp-default-6.4.0-150700.53.19.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP7:kernel-default-extra-6.4.0-150700.53.19.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-10-15T12:57:01Z",
"details": "moderate"
}
],
"title": "CVE-2025-40300"
}
]
}
suse-su-2025:03600-1
Vulnerability from csaf_suse
Published
2025-10-15 12:54
Modified
2025-10-15 12:54
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-53261: coresight: Fix memory leak in acpi_buffer->pointer (bsc#1249770).
- CVE-2024-58090: sched/core: Prevent rescheduling when interrupts are disabled (bsc#1240324).
- CVE-2025-22022: usb: xhci: Apply the link chain quirk on NEC isoc endpoints (bsc#1241292).
- CVE-2025-38119: scsi: core: ufs: Fix a hang in the error handler (bsc#1245700).
- CVE-2025-38234: sched/rt: Fix race in push_rt_task (bsc#1246057).
- CVE-2025-38263: bcache: fix NULL pointer in cache_set_flush() (bsc#1246248).
- CVE-2025-38351: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (bsc#1246782).
- CVE-2025-38402: idpf: return 0 size for RSS key if not supported (bsc#1247262).
- CVE-2025-38408: genirq/irq_sim: Initialize work context pointers properly (bsc#1247126).
- CVE-2025-38418: remoteproc: core: Release rproc->clean_table after rproc_attach() fails (bsc#1247137).
- CVE-2025-38419: remoteproc: core: Cleanup acquired resources when rproc_handle_resources() fails in rproc_attach() (bsc#1247136).
- CVE-2025-38456: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() (bsc#1247099).
- CVE-2025-38466: perf: Revert to requiring CAP_SYS_ADMIN for uprobes (bsc#1247442).
- CVE-2025-38488: smb: client: fix use-after-free in crypt_message when using async crypto (bsc#1247239).
- CVE-2025-38514: rxrpc: Fix oops due to non-existence of prealloc backlog struct (bsc#1248202).
- CVE-2025-38526: ice: add NULL check in eswitch lag check (bsc#1248192).
- CVE-2025-38527: smb: client: fix use-after-free in cifs_oplock_break (bsc#1248199).
- CVE-2025-38533: net: libwx: fix the using of Rx buffer DMA (bsc#1248200).
- CVE-2025-38544: rxrpc: Fix bug due to prealloc collision (bsc#1248225).
- CVE-2025-38556: HID: core: Harden s32ton() against conversion to 0 bits (bsc#1248296).
- CVE-2025-38574: pptp: ensure minimal skb length in pptp_xmit() (bsc#1248365).
- CVE-2025-38584: padata: Fix pd UAF once and for all (bsc1248343).
- CVE-2025-38590: net/mlx5e: Remove skb secpath if xfrm state is not found (bsc#1248360).
- CVE-2025-38593: kABI workaround for bluetooth discovery_state change (bsc#1248357).
- CVE-2025-38595: xen: fix UAF in dmabuf_exp_from_pages() (bsc#1248380).
- CVE-2025-38597: drm/rockchip: vop2: fail cleanly if missing a primary plane for a video-port (bsc#1248378).
- CVE-2025-38605: wifi: ath12k: Pass ab pointer directly to ath12k_dp_tx_get_encap_type() (bsc#1248334).
- CVE-2025-38614: eventpoll: Fix semi-unbounded recursion (bsc#1248392).
- CVE-2025-38616: tls: handle data disappearing from under the TLS ULP (bsc#1248512).
- CVE-2025-38622: net: drop UFO packets in udp_rcv_segment() (bsc#1248619).
- CVE-2025-38623: PCI: pnv_php: Fix surprise plug detection and recovery (bsc#1248610).
- CVE-2025-38639: netfilter: xt_nfacct: do not assume acct name is null-terminated (bsc#1248674).
- CVE-2025-38640: bpf: Disable migration in nf_hook_run_bpf() (bsc#1248622).
- CVE-2025-38643: wifi: cfg80211: Add missing lock in cfg80211_check_and_end_cac() (bsc#1248681).
- CVE-2025-38645: net/mlx5: Check device memory pointer before usage (bsc#1248626).
- CVE-2025-38659: gfs2: No more self recovery (bsc#1248639).
- CVE-2025-38660: [ceph] parse_longname(): strrchr() expects NUL-terminated string (bsc#1248634).
- CVE-2025-38664: ice: Fix a null pointer dereference in ice_copy_and_init_pkg() (bsc#1248628).
- CVE-2025-38668: regulator: core: fix NULL dereference on unbind due to stale coupling data (bsc#1248647).
- CVE-2025-38676: iommu/amd: Avoid stack buffer overflow from kernel cmdline (bsc#1248775).
- CVE-2025-38678: netfilter: nf_tables: reject duplicate device on updates (bsc#1249126).
- CVE-2025-38679: media: venus: Fix OOB read due to missing payload bound check (bsc#1249202).
- CVE-2025-38684: net/sched: ets: use old 'nbands' while purging unused classes (bsc#1249156).
- CVE-2025-38701: ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr (bsc#1249258).
- CVE-2025-38705: drm/amd/pm: fix null pointer access (bsc#1249334).
- CVE-2025-38709: loop: Avoid updating block size under exclusive owner (bsc#1249199).
- CVE-2025-38721: netfilter: ctnetlink: fix refcount leak on table dump (bsc#1249176).
- CVE-2025-38722: habanalabs: fix UAF in export_dmabuf() (bsc#1249163).
- CVE-2025-38730: io_uring/net: commit partial buffers on retry (bsc#1249172).
- CVE-2025-38732: netfilter: nf_reject: do not leak dst refcount for loopback packets (bsc#1249262).
- CVE-2025-38734: net/smc: fix UAF on smcsk after smc_listen_out() (bsc#1249324).
- CVE-2025-38735: gve: prevent ethtool ops after shutdown (bsc#1249288).
- CVE-2025-39677: net/sched: Fix backlog accounting in qdisc_dequeue_internal (bsc#1249300).
- CVE-2025-39678: platform/x86/amd/hsmp: Ensure sock->metric_tbl_addr is non-NULL (bsc#1249290).
- CVE-2025-39681: x86/cpu/hygon: Add missing resctrl_cpu_detect() in bsp_init helper (bsc#1249303).
- CVE-2025-39682: tls: fix handling of zero-length records on the rx_list (bsc#1249284).
- CVE-2025-39691: fs/buffer: fix use-after-free when call bh_read() helper (bsc#1249374).
- CVE-2025-39703: net, hsr: reject HSR frame if skb can't hold tag (bsc#1249315).
- CVE-2025-39705: drm/amd/display: fix a Null pointer dereference vulnerability (bsc#1249295).
- CVE-2025-39718: vsock/virtio: Validate length in packet header before skb_put() (bsc#1249305).
- CVE-2025-39738: btrfs: do not allow relocation of partially dropped subvolumes (bsc#1249540).
- CVE-2025-39744: rcu: Fix rcu_read_unlock() deadloop due to IRQ work (bsc#1249494).
- CVE-2025-39746: wifi: ath10k: shutdown driver when hardware is unreliable (bsc#1249516).
- CVE-2025-39749: rcu: Protect ->defer_qs_iw_pending from data race (bsc#1249533).
- CVE-2025-39754: mm/smaps: fix race between smaps_hugetlb_range and migration (bsc#1249524).
- CVE-2025-39764: netfilter: ctnetlink: remove refcounting in expectation dumpers (bsc#1249513).
- CVE-2025-39766: net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (bsc#1249510).
- CVE-2025-39770: net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM (bsc#1249508).
- CVE-2025-39773: net: bridge: fix soft lockup in br_multicast_query_expired() (bsc#1249504).
- CVE-2025-39782: jbd2: prevent softlockup in jbd2_log_do_checkpoint() (bsc#1249526).
- CVE-2025-39787: soc: qcom: mdt_loader: Deal with zero e_shentsize (bsc#1249545).
- CVE-2025-39797: xfrm: xfrm_alloc_spi shouldn't use 0 as SPI (bsc#1249608).
- CVE-2025-39810: bnxt_en: Fix memory corruption when FW resources change during ifdown (bsc#1249975).
- CVE-2025-39823: KVM: x86: use array_index_nospec with indices that come from guest (bsc#1250002).
- CVE-2025-39825: smb: client: fix race with concurrent opens in rename(2) (bsc#1250179).
- CVE-2025-39832: net/mlx5: Fix lockdep assertion on sync reset unload event (bsc#1249901).
- CVE-2025-39835: xfs: do not propagate ENODATA disk errors into xattr code (bsc#1250025).
- CVE-2025-39838: cifs: prevent NULL pointer dereference in UTF16 conversion (bsc#1250365).
- CVE-2025-39842: ocfs2: prevent release journal inode after journal shutdown (bsc#1250267).
- CVE-2025-39847: ppp: fix memory leak in pad_compress_skb (bsc#1250292).
- CVE-2025-39850: vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects (bsc#1250276).
- CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty (bsc#1250275).
- CVE-2025-39854: ice: fix NULL access of tx->in_use in ice_ll_ts_intr (bsc#1250297).
- CVE-2025-39857: net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() (bsc#1250251).
- CVE-2025-39865: tee: fix NULL pointer dereference in tee_shm_put (bsc#1250294).
- CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call (bsc#1250407).
- CVE-2025-40300: x86/vmscape: Warn when STIBP is disabled with SMT (bsc#1247483).
The following non-security bugs were fixed:
- 9p/xen: fix init sequence (git-fixes).
- ACPI/IORT: Fix memory leak in iort_rmr_alloc_sids() (git-fixes).
- ACPI: EC: Add device to acpi_ec_no_wakeup[] qurik list (stable-fixes).
- ACPI: NFIT: Fix incorrect ndr_desc being reportedin dev_err message (git-fixes).
- ACPI: TAD: Add missing sysfs_remove_group() for ACPI_TAD_RT (git-fixes).
- ACPI: debug: fix signedness issues in read/write helpers (git-fixes).
- ACPI: processor: idle: Fix memory leak when register cpuidle device failed (git-fixes).
- ACPI: property: Fix buffer properties extraction for subnodes (git-fixes).
- ACPICA: Fix largest possible resource descriptor index (git-fixes).
- ALSA: firewire-motu: drop EPOLLOUT from poll return values as write is not supported (stable-fixes).
- ALSA: hda/hdmi: Add pin fix for another HP EliteDesk 800 G4 model (stable-fixes).
- ALSA: hda/realtek - Add new HP ZBook laptop with micmute led fixup (stable-fixes).
- ALSA: hda/realtek: Add ALC295 Dell TAS2781 I2C fixup (git-fixes).
- ALSA: hda/realtek: Add support for HP Agusta using CS35L41 HDA (stable-fixes).
- ALSA: hda/realtek: Fix headset mic for TongFang X6[AF]R5xxY (stable-fixes).
- ALSA: hda/realtek: Fix mute led for HP Laptop 15-dw4xx (stable-fixes).
- ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL (git-fixes).
- ALSA: lx_core: use int type to store negative error codes (git-fixes).
- ALSA: usb-audio: Add DSD support for Comtrue USB Audio device (stable-fixes).
- ALSA: usb-audio: Add mixer quirk for Sony DualSense PS5 (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on more devices (stable-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on some devices (stable-fixes).
- ALSA: usb-audio: Avoid multiple assignments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Convert comma to semicolon (git-fixes).
- ALSA: usb-audio: Drop unnecessary parentheses in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix block comments in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Fix build with CONFIG_INPUT=n (git-fixes).
- ALSA: usb-audio: Remove unneeded wmb() in mixer_quirks (stable-fixes).
- ALSA: usb-audio: Simplify NULL comparison in mixer_quirks (stable-fixes).
- ALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free (git-fixes).
- ALSA: usb-audio: move mixer_quirks' min_mute into common quirk (stable-fixes).
- ASoC: Intel: bytcht_es8316: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (git-fixes).
- ASoC: Intel: bytcr_rt5651: Fix invalid quirk input mapping (git-fixes).
- ASoC: SOF: Intel: hda-stream: Fix incorrect variable used in error message (git-fixes).
- ASoC: codecs: tx-macro: correct tx_macro_component_drv name (stable-fixes).
- ASoC: imx-hdmi: remove cpu_pdev related code (git-fixes).
- ASoC: qcom: audioreach: Fix lpaif_type configuration for the I2S interface (git-fixes).
- ASoC: qcom: audioreach: fix potential null pointer dereference (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed (git-fixes).
- ASoC: qcom: q6apm-lpass-dais: Fix missing set_fmt DAI op for I2S (git-fixes).
- ASoC: wcd934x: fix error handling in wcd934x_codec_parse_data() (git-fixes).
- ASoC: wm8940: Correct PLL rate rounding (git-fixes).
- ASoC: wm8940: Correct typo in control name (git-fixes).
- ASoC: wm8974: Correct PLL rate rounding (git-fixes).
- Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() (git-fixes).
- Bluetooth: ISO: Fix possible UAF on iso_conn_free (git-fixes).
- Bluetooth: ISO: do not leak skb in ISO_CONT RX (git-fixes).
- Bluetooth: MGMT: Fix not exposing debug UUID on MGMT_OP_READ_EXP_FEATURES_INFO (git-fixes).
- Bluetooth: MGMT: Fix possible UAFs (git-fixes).
- Bluetooth: compute LE flow credits based on recvbuf space (git-fixes).
- Bluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync (git-fixes).
- Bluetooth: hci_sync: Avoid adding default advertising on startup (stable-fixes).
- Bluetooth: hci_sync: Fix hci_resume_advertising_sync (git-fixes).
- Bluetooth: qca: fix invalid device address check (git-fixes).
- Bluetooth: qca: fix wcn3991 device address check (git-fixes).
- Bluetooth: vhci: Prevent use-after-free by removing debugfs files early (git-fixes).
- CONFIG & no reference -> OK temporarily, must be resolved eventually
- Correct typos of References tags in some patches
- Do not self obsolete older kernel variants
- Drivers: hv: Always select CONFIG_SYSFB for Hyper-V guests (git-fixes).
- Drivers: hv: Select CONFIG_SYSFB only if EFI is enabled (git-fixes).
- EDAC/i10nm: Skip DIMM enumeration on a disabled memory controller (git-fixes).
- HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() (stable-fixes).
- HID: input: rename hidinput_set_battery_charge_status() (stable-fixes).
- HID: input: report battery status changes immediately (git-fixes).
- HID: intel-ish-ipc: Remove redundant ready check after timeout function (git-fixes).
- HID: mcp2221: Do not set bus speed on every transfer (stable-fixes).
- HID: mcp2221: Handle reads greater than 60 bytes (stable-fixes).
- HID: quirks: add support for Legion Go dual dinput modes (stable-fixes).
- HID: wacom: Add a new Art Pen 2 (stable-fixes).
- IB/mlx5: Fix obj_type mismatch for SRQ event subscriptions (git-fixes)
- IB/sa: Fix sa_local_svc_timeout_ms read race (git-fixes)
- Input: i8042 - add TUXEDO InfinityBook Pro Gen10 AMD to i8042 quirk table (stable-fixes).
- Input: iqs7222 - avoid enabling unused interrupts (stable-fixes).
- KVM: SVM: Clear current_vmcb during vCPU free for all *possible* CPUs (git-fixes).
- KVM: SVM: Disable interception of SPEC_CTRL iff the MSR exists for the guest (git-fixes).
- KVM: SVM: Sync TPR from LAPIC into VMCB::V_TPR even if AVIC is active (git-fixes).
- KVM: VMX: Extract checking of guest's DEBUGCTL into helper (git-fixes).
- KVM: VMX: Flush shadow VMCS on emergency reboot (git-fixes).
- KVM: VMX: Handle KVM-induced preemption timer exits in fastpath for L2 (git-fixes).
- KVM: VMX: Handle forced exit due to preemption timer in fastpath (git-fixes).
- KVM: VMX: Re-enter guest in fastpath for 'spurious' preemption timer exits (git-fixes).
- KVM: arm64: vgic: fix incorrect spinlock API usage (git-fixes).
- KVM: s390: Fix incorrect usage of mmu_notifier_register() (git-fixes bsc#1250336).
- KVM: x86/xen: Allow 'out of range' event channel ports in IRQ routing table (git-fixes).
- KVM: x86: Drop pending_smi vs. INIT_RECEIVED check when setting MP_STATE (git-fixes).
- KVM: x86: Fully defer to vendor code to decide how to force immediate exit (git-fixes).
- KVM: x86: Move handling of is_guest_mode() into fastpath exit handlers (git-fixes).
- KVM: x86: Plumb 'force_immediate_exit' into kvm_entry() tracepoint (git-fixes).
- KVM: x86: avoid underflow when scaling TSC frequency (git-fixes).
- NFSv4.1: fix backchannel max_resp_sz verification check (git-fixes).
- NFSv4/flexfiles: Fix layout merge mirror check (git-fixes).
- NFSv4: Clear the NFS_CAP_FS_LOCATIONS flag if it is not set (git-fixes).
- NFSv4: Clear the NFS_CAP_XATTR flag if not supported by the server (git-fixes).
- NFSv4: Do not clear capabilities that won't be reset (git-fixes).
- PCI/AER: Fix missing uevent on recovery when a reset is requested (git-fixes).
- PCI/ERR: Fix uevent on failure to recover (git-fixes).
- PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV (git-fixes).
- PCI/sysfs: Ensure devices are powered for config reads (git-fixes).
- PCI: Extend isolated function probing to LoongArch (git-fixes).
- PCI: keystone: Use devm_request_irq() to free 'ks-pcie-error-irq' on exit (git-fixes).
- PCI: rcar-host: Drop PMSR spinlock (git-fixes).
- PCI: tegra194: Fix broken tegra_pcie_ep_raise_msi_irq() (git-fixes).
- PCI: tegra194: Fix duplicate PLL disable in pex_ep_event_pex_rst_assert() (git-fixes).
- PCI: tegra194: Handle errors in BPMP response (git-fixes).
- PCI: tegra: Convert struct tegra_msi mask_lock into raw spinlock (git-fixes).
- PCI: tegra: Fix devm_kcalloc() argument order for port->phys allocation (git-fixes).
- PM / devfreq: mtk-cci: Fix potential error pointer dereference in probe() (git-fixes).
- PM: sleep: core: Clear power.must_resume in noirq suspend error path (git-fixes).
- RDMA/cm: Rate limit destroy CM ID timeout error message (git-fixes)
- RDMA/core: Resolve MAC of next-hop device without ARP support (git-fixes)
- RDMA/mlx5: Better estimate max_qp_wr to reflect WQE count (git-fixes)
- RDMA/mlx5: Fix vport loopback forcing for MPV device (git-fixes)
- RDMA/rxe: Fix race in do_task() when draining (git-fixes)
- RDMA/siw: Always report immediate post SQ errors (git-fixes)
- Revert 'SUNRPC: Do not allow waiting for exiting tasks' (git-fixes).
- Revert 'drm/amdgpu: fix incorrect vm flags to map bo' (stable-fixes).
- SUNRPC: call xs_sock_process_cmsg for all cmsg (git-fixes).
- Squashfs: add additional inode sanity checking (git-fixes).
- Squashfs: fix uninit-value in squashfs_get_parent (git-fixes).
- Squashfs: reject negative file sizes in squashfs_read_inode() (git-fixes).
- USB: gadget: dummy-hcd: Fix locking bug in RT-enabled kernels (git-fixes).
- USB: serial: option: add Telit Cinterion FN990A w/audio compositions (stable-fixes).
- USB: serial: option: add Telit Cinterion LE910C4-WWX new compositions (stable-fixes).
- afs: Fix potential null pointer dereference in afs_put_server (git-fixes).
- arch: arm64: Drop arm64 patches that may lead to module load failure (bsc#1250057).
- arm64: Handle KCOV __init vs inline mismatches (git-fixes)
- arm64: Mark kernel as tainted on SAE and SError panic (git-fixes)
- arm64: dts: apple: Add ethernet0 alias for J375 template (git-fixes)
- arm64: dts: apple: t8103-j457: Fix PCIe ethernet iommu-map (git-fixes)
- arm64: dts: imx8mp-tqma8mpql: fix LDO5 power off (git-fixes)
- arm64: dts: imx8mp: Correct thermal sensor index (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on DH electronics (git-fixes)
- arm64: dts: imx8mp: Fix missing microSD slot vqmmc on Data Modul (git-fixes)
- arm64: dts: rockchip: Add vcc-supply to SPI flash on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on (git-fixes)
- arm64: dts: rockchip: disable unrouted USB controllers and PHY on RK3399 Puma with Haikou (git-fixes).
- arm64: dts: rockchip: fix internal USB hub instability on RK3399 Puma (git-fixes)
- arm64: dts: rockchip: use cs-gpios for spi1 on ringneck (git-fixes)
- arm64: ftrace: fix unreachable PLT for ftrace_caller in init_module (git-fixes)
- ax25: properly unshare skbs in ax25_kiss_rcv() (git-fixes).
- batman-adv: fix OOB read/write in network-coding decode (git-fixes).
- bpf, bpftool: Fix incorrect disasm pc (git-fixes).
- bpf: Adjust free target to avoid global starvation of LRU map (git-fixes).
- bpf: Fix iter/task tid filtering (git-fixes).
- bpf: Fix link info netfilter flags to populate defrag flag (git-fixes).
- bpf: Make reg_not_null() true for CONST_PTR_TO_MAP (git-fixes).
- bpf: Properly test iter/task tid filtering (git-fixes).
- bpf: bpftool: Setting error code in do_loader() (git-fixes).
- bpf: handle implicit declaration of function gettid in bpf_iter.c
- bpf: skip non exist keys in generic_map_lookup_batch (git-fixes).
- bpftool: Fix JSON writer resource leak in version command (git-fixes).
- bpftool: Fix memory leak in dump_xx_nlmsg on realloc failure (git-fixes).
- bpftool: Fix readlink usage in get_fd_type (git-fixes).
- bpftool: Mount bpffs when pinmaps path not under the bpffs (git-fixes).
- bpftool: fix potential NULL pointer dereferencing in prog_dump() (git-fixes).
- btrfs: abort transaction during log replay if walk_log_tree() failed (git-fixes).
- btrfs: abort transaction on unexpected eb generation at btrfs_copy_root() (git-fixes).
- btrfs: add cancellation points to trim loops (git-fixes).
- btrfs: always abort transaction on failure to add block group to free space tree (git-fixes).
- btrfs: always update fstrim_range on failure in FITRIM ioctl (git-fixes).
- btrfs: avoid load/store tearing races when checking if an inode was logged (git-fixes).
- btrfs: fix data overwriting bug during buffered write when block size < page size (git-fixes).
- btrfs: fix invalid extref key setup when replaying dentry (git-fixes).
- btrfs: fix race between logging inode and checking if it was logged before (git-fixes).
- btrfs: fix race between setting last_dir_index_offset and inode logging (git-fixes).
- btrfs: make found_logical_ret parameter mandatory for function queue_scrub_stripe() (git-fixes).
- btrfs: move transaction aborts to the error site in add_block_group_free_space() (git-fixes).
- btrfs: qgroup: fix race between quota disable and quota rescan ioctl (git-fixes).
- btrfs: scrub: avoid unnecessary csum tree search preparing stripes (git-fixes).
- btrfs: scrub: avoid unnecessary extent tree search preparing stripes (git-fixes).
- btrfs: scrub: fix grouping of read IO (git-fixes).
- btrfs: scrub: remove scrub_ctx::csum_list member (git-fixes).
- btrfs: split remaining space to discard in chunks (git-fixes).
- btrfs: tree-checker: fix the incorrect inode ref size check (git-fixes).
- btrfs: use SECTOR_SHIFT to convert physical offset to LBA (git-fixes).
- build_bug.h: Add KABI assert (bsc#1249186).
- bus: fsl-mc: Check return value of platform_get_resource() (git-fixes).
- bus: mhi: host: Do not use uninitialized 'dev' pointer in mhi_init_irq_setup() (git-fixes).
- can: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: hi311x: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: j1939: implement NETDEV_UNREGISTER notification handler (git-fixes).
- can: j1939: j1939_local_ecu_get(): undo increment when j1939_local_ecu_get() fails (git-fixes).
- can: j1939: j1939_sk_bind(): call j1939_priv_put() immediately when j1939_local_ecu_get() failed (git-fixes).
- can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: peak_usb: fix shift-out-of-bounds issue (git-fixes).
- can: rcar_can: rcar_can_resume(): fix s2ram with PSCI (stable-fixes).
- can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow (git-fixes).
- can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB (git-fixes).
- cdc_ncm: Flag Intel OEM version of Fibocom L850-GL as WWAN (stable-fixes).
- ceph: fix possible integer overflow in ceph_zero_objects() (git-fixes).
- ceph: validate snapdirname option length when mounting (git-fixes).
- cgroup/cpuset: Use static_branch_enable_cpuslocked() on cpusets_insane_config_key (bsc#1241166).
- cgroup/rstat: Optimize cgroup_rstat_updated_list() (bsc#1247963).
- cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (bsc#1247963).
- cgroup: llist: avoid memory tears for llist_node (bsc#1247963).
- cgroup: make css_rstat_updated nmi safe (bsc#1247963).
- cgroup: remove cgroup_rstat_flush_atomic() (bsc#1247963).
- cgroup: remove per-cpu per-subsystem locks (bsc#1247963).
- cgroup: support to enable nmi-safe css_rstat_updated (bsc#1247963).
- compiler-clang.h: define __SANITIZE_*__ macros only when undefined (stable-fixes).
- compiler: remove __ADDRESSABLE_ASM{_STR,}() again (git-fixes).
- cpufreq: CPPC: Mark driver with NEED_UPDATE_LIMITS flag (stable-fixes).
- cpufreq: Exit governor when failed to start old governor (stable-fixes).
- cpufreq: Init policy->rwsem before it may be possibly used (git-fixes).
- cpufreq: Initialize cpufreq-based frequency-invariance later (git-fixes).
- cpufreq: Initialize cpufreq-based invariance before subsys (git-fixes).
- cpufreq: Use the fixed and coherent frequency for scaling capacity (stable-fixes).
- cpufreq: cppc: Fix invalid return value in .get() callback (git-fixes).
- cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (git-fixes).
- cpufreq: intel_pstate: Always use HWP_DESIRED_PERF in passive mode (git-fixes).
- cpufreq: intel_pstate: Unchecked MSR aceess in legacy mode (git-fixes).
- cpufreq: scpi: compare kHz instead of Hz (git-fixes).
- cpufreq: tegra186: Share policy per cluster (stable-fixes).
- cpupower: Fix a bug where the -t option of the set subcommand was not working (stable-fixes).
- crypto: af_alg - Set merge to zero early in af_alg_sendmsg (git-fixes).
- crypto: aspeed - Fix dma_unmap_sg() direction (git-fixes).
- crypto: atmel - Fix dma_unmap_sg() direction (git-fixes).
- crypto: hisilicon/qm - check whether the input function and PF are on the same device (git-fixes).
- crypto: hisilicon/qm - set NULL to qm->debug.qm_diff_regs (git-fixes).
- crypto: keembay - Add missing check after sg_nents_for_len() (git-fixes).
- crypto: qat - add shutdown handler to qat_c3xxx (git-fixes).
- crypto: qat - add shutdown handler to qat_c62x (git-fixes).
- crypto: qat - add shutdown handler to qat_dh895xcc (git-fixes).
- dma/pool: Ensure DMA_DIRECT_REMAP allocations are decrypted (stable-fixes).
- dmaengine: Fix dma_async_tx_descriptor->tx_submit documentation (git-fixes).
- dmaengine: dw: dmamux: Fix device reference leak in rzn1_dmamux_route_allocate (git-fixes).
- dmaengine: idxd: Fix double free in idxd_setup_wqs() (git-fixes).
- dmaengine: idxd: Fix refcount underflow on module unload (git-fixes).
- dmaengine: idxd: Remove improper idxd_free (git-fixes).
- dmaengine: mediatek: Fix a flag reuse error in mtk_cqdma_tx_status() (git-fixes).
- dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees (git-fixes).
- dmaengine: ti: edma: Fix memory allocation size for queue_priority_map (git-fixes).
- docs: admin-guide: update to current minimum pipe size default (git-fixes).
- drivers/base/node: fix double free in register_one_node() (git-fixes).
- drivers/base/node: handle error properly in register_one_node() (git-fixes).
- drivers/base/node: optimize memory block registration to reduce boot time (bsc#1241866).
- drivers/base/node: remove register_mem_block_under_node_early() (bsc#1241866).
- drivers/base/node: remove register_memory_blocks_under_node() function call from register_one_node (bsc#1241866).
- drivers/base/node: rename __register_one_node() to register_one_node() (bsc#1241866).
- drivers/base/node: rename register_memory_blocks_under_node() and remove context argument (bsc#1241866).
- drm/amd/amdgpu: Fix missing error return on kzalloc failure (git-fixes).
- drm/amd/display: Disable DPCD Probe Quirk (bsc#1248121).
- drm/amd/display: Do not warn when missing DCE encoder caps (stable-fixes).
- drm/amd/display: Remove redundant semicolons (git-fixes).
- drm/amd/display: use udelay rather than fsleep (git-fixes).
- drm/amd/pm: Adjust si_upload_smc_data register programming (v3) (git-fixes).
- drm/amd/pm: Disable MCLK switching with non-DC at 120 Hz+ (v2) (git-fixes).
- drm/amd/pm: Disable SCLK switching on Oland with high pixel clocks (v3) (git-fixes).
- drm/amd/pm: Disable ULV even if unsupported (v3) (git-fixes).
- drm/amd/pm: Fix si_upload_smc_data (v3) (git-fixes).
- drm/amd/pm: Treat zero vblank time as too short in si_dpm (v3) (git-fixes).
- drm/amdgpu/vcn4: Fix IB parsing with multiple engine info packages (stable-fixes).
- drm/amdgpu/vcn: Allow limiting ctx to instance 0 for AV1 at any time (stable-fixes).
- drm/amdgpu: Power up UVD 3 for FW validation (v2) (git-fixes).
- drm/amdgpu: drop hw access in non-DC audio fini (stable-fixes).
- drm/amdgpu: fix a memory leak in fence cleanup when unloading (git-fixes).
- drm/amdgpu: remove the redeclaration of variable i (git-fixes).
- drm/amdkfd: Fix error code sign for EINVAL in svm_ioctl() (git-fixes).
- drm/ast: Use msleep instead of mdelay for edid read (bsc#1250530).
- drm/bridge: it6505: select REGMAP_I2C (git-fixes).
- drm/bridge: ti-sn65dsi86: fix REFCLK setting (git-fixes).
- drm/dp: Add an EDID quirk for the DPCD register access probe (bsc#1248121).
- drm/dp: Change AUX DPCD probe address from LANE0_1_STATUS to TRAINING_PATTERN_SET (bsc#1248121).
- drm/edid: Add support for quirks visible to DRM core and drivers (bsc#1248121).
- drm/edid: Define the quirks in an enum list (bsc#1248121).
- drm/gma500: Fix null dereference in hdmi teardown (git-fixes).
- drm/i915/backlight: Return immediately when scale() finds invalid parameters (stable-fixes).
- drm/i915/power: fix size for for_each_set_bit() in abox iteration (git-fixes).
- drm/mediatek: fix potential OF node use-after-free (git-fixes).
- drm/msm/dpu: fix incorrect type for ret (git-fixes).
- drm/panel: novatek-nt35560: Fix invalid return value (git-fixes).
- drm/radeon/r600_cs: clean up of dead code in r600_cs (git-fixes).
- drm/rcar-du: dsi: Fix 1/2/3 lane support (git-fixes).
- drm: bridge: anx7625: Fix NULL pointer dereference with early IRQ (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix missing mutex unlock on error path (git-fixes).
- erofs: fix atomic context detection when !CONFIG_DEBUG_LOCK_ALLOC (git-fixes).
- ext4: remove writable userspace mappings before truncating page cache (bsc#1247223).
- fbcon: Fix OOB access in font allocation (git-fixes).
- fbcon: fix integer overflow in fbcon_do_set_font (git-fixes).
- firewire: core: fix overlooked update of subsystem ABI version (git-fixes).
- firmware: meson_sm: fix device leak at probe (git-fixes).
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (git-fixes).
- fs/nfs/io: make nfs_start_io_*() killable (git-fixes).
- fs: Limit patch filenames to 100 characters (bsc#1249604).
- hv_netvsc: Fix panic during namespace deletion with VF (bsc#1248111).
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (git-fixes).
- hwmon: (mlxreg-fan) Separate methods of fan setting coming from different subsystems (git-fixes).
- hwmon: mlxreg-fan: Prevent fans from getting stuck at 0 RPM (git-fixes).
- hwrng: ks-sa - fix division by zero in ks_sa_rng_init (git-fixes).
- hwrng: nomadik - add ARM_AMBA dependency (git-fixes).
- hypfs_create_cpu_files(): add missing check for hypfs_mkdir() failure (git-fixes bsc#1249122).
- i2c: designware: Add disabling clocks when probe fails (git-fixes).
- i2c: i801: Hide Intel Birch Stream SoC TCO WDT (git-fixes).
- i2c: mediatek: fix potential incorrect use of I2C_MASTER_WRRD (git-fixes).
- i2c: riic: Allow setting frequencies lower than 50KHz (git-fixes).
- i2c: tegra: Use internal reset when reset property is not available (bsc#1249143)
- i3c: Fix default I2C adapter timeout value (git-fixes).
- i3c: master: svc: Recycle unused IBI slot (git-fixes).
- iio: consumers: Fix offset handling in iio_convert_raw_to_processed() (git-fixes).
- iio: dac: ad5360: use int type to store negative error codes (git-fixes).
- iio: dac: ad5421: use int type to store negative error codes (git-fixes).
- iio: frequency: adf4350: Fix ADF4350_REG3_12BIT_CLKDIV_MODE (git-fixes).
- iio: frequency: adf4350: Fix prescaler usage (git-fixes).
- iio: imu: inv_icm42600: Drop redundant pm_runtime reinitialization in resume (git-fixes).
- iio: xilinx-ams: Fix AMS_ALARM_THR_DIRECT_MASK (git-fixes).
- iio: xilinx-ams: Unmask interrupts after updating alarms (git-fixes).
- iommu/vt-d: Fix __domain_mapping()'s usage of switch_to_super_page() (git-fixes).
- isolcpus: add missing hunk back (bsc#1236897 bsc#1249206).
- kABI fix after vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- kABI fix for 'netfilter: nf_tables: Audit log rule reset' (git-fixes).
- kABI workaround for 'drm/dp: Add an EDID quirk for the DPCD register access probe' (bsc#1248121).
- kABI workaround for RCU tasks exit tracking (bsc#1246298).
- kABI: adjust new field on ip_ct_sctp struct (git-fixes).
- kABI: arm64: ftrace: Restore init_module behavior (git-fixes).
- kABI: arm64: ftrace: Restore struct mod_arch_specific layout (git-fixes).
- kABI: make nft_trans_gc_catchall() public again (git-fixes).
- kABI: netfilter flowtable move gc operation to bottom (git-fixes).
- kabi: Restore layout of parallel_data (bsc1248343).
- kabi: add struct cgroup_extra (bsc#1247963).
- kabi: restore layout of struct cgroup_rstat_cpu (bsc#1247963).
- kbuild/modpost: Continue processing all unresolved symbols when KLP_SYM_RELA is found (bsc#1218644, bsc#1250655).
- kernel-source: Do not list mkspec and its inputs as sources (bsc#1250522).
- mISDN: Fix memory leak in dsp_hwec_enable() (git-fixes).
- maple_tree: fix MAPLE_PARENT_RANGE32 and parent pointer docs (git-fixes).
- media: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove (git-fixes).
- media: cx18: Add missing check after DMA map (git-fixes).
- media: i2c: mt9v111: fix incorrect type for ret (git-fixes).
- media: lirc: Fix error handling in lirc_register() (git-fixes).
- media: pci: ivtv: Add missing check after DMA map (git-fixes).
- media: rc: fix races with imon_disconnect() (git-fixes).
- media: rj54n1cb0c: Fix memleak in rj54n1_probe() (git-fixes).
- media: st-delta: avoid excessive stack usage (git-fixes).
- media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID (git-fixes).
- media: v4l2-subdev: Fix alloc failure check in v4l2_subdev_call_state_try() (git-fixes).
- media: zoran: Remove zoran_fh structure (git-fixes).
- memory: samsung: exynos-srom: Fix of_iomap leak in exynos_srom_probe (git-fixes).
- mfd: rz-mtu3: Fix MTU5 NFCR register offset (git-fixes).
- mfd: vexpress-sysreg: Check the return value of devm_gpiochip_add_data() (git-fixes).
- misc: genwqe: Fix incorrect cmd field being reported in error (git-fixes).
- mm/hwpoison: do not send SIGBUS to processes with recovered clean pages (git-fixes).
- mm/memory-failure: fix infinite UCE for VM_PFNMAP pfn (git-fixes).
- mm: introduce and use {pgd,p4d}_populate_kernel() (git-fixes).
- mm: move page table sync declarations to linux/pgtable.h (git-fixes).
- mmc: core: Use GFP_NOIO in ACMD22 (git-fixes).
- mmc: mvsdio: Fix dma_unmap_sg() nents value (git-fixes).
- mmc: sdhci-cadence: add Mobileye eyeQ support (stable-fixes).
- mtd: nand: raw: atmel: Fix comment in timings preparation (stable-fixes).
- mtd: nand: raw: atmel: Respect tAR, tCLR in read setup timing (git-fixes).
- mtd: rawnand: omap2: fix device leak on probe failure (git-fixes).
- mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer (git-fixes).
- mtd: rawnand: stm32_fmc2: fix ECC overwrite (git-fixes).
- net: hv_netvsc: fix loss of early receive events from host during channel open (git-fixes).
- net: nfc: nci: Add parameter validation for packet data (git-fixes).
- net: phy: fix phy_uses_state_machine() (git-fixes).
- net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer (git-fixes).
- net: rose: convert 'use' field to refcount_t (git-fixes).
- net: rose: fix a typo in rose_clear_routes() (git-fixes).
- net: rose: include node references in rose_neigh refcount (git-fixes).
- net: rose: split remove and free operations in rose_remove_neigh() (stable-fixes).
- net: usb: Remove disruptive netif_wake_queue in rtl8150_set_multicast (git-fixes).
- net: usb: cdc-ncm: check for filtering capability (git-fixes).
- net: usb: qmi_wwan: add Telit Cinterion LE910C4-WWX new compositions (git-fixes).
- netfilter: conntrack: fix extension size table (git-fixes).
- netfilter: flowtable: GC pushes back packets to classic path (git-fixes).
- netfilter: handle the connecting collision properly in nf_conntrack_proto_sctp (git-fixes).
- netfilter: nat: fix ipv6 nat redirect with mapped and scoped addresses (git-fixes).
- netfilter: nf_conntrack_bridge: initialize err to 0 (git-fixes).
- netfilter: nf_tables: A better name for nft_obj_filter (git-fixes).
- netfilter: nf_tables: Audit log rule reset (git-fixes).
- netfilter: nf_tables: Carry reset boolean in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Carry s_idx in nft_obj_dump_ctx (git-fixes).
- netfilter: nf_tables: Deduplicate nft_register_obj audit logs (git-fixes).
- netfilter: nf_tables: Drop pointless memset in nf_tables_dump_obj (git-fixes).
- netfilter: nf_tables: Drop pointless memset when dumping rules (git-fixes).
- netfilter: nf_tables: Fix entries val in rule reset audit log (git-fixes).
- netfilter: nf_tables: Introduce nf_tables_getrule_single() (git-fixes).
- netfilter: nf_tables: Open-code audit log call in nf_tables_getrule() (git-fixes).
- netfilter: nf_tables: Unbreak audit log reset (git-fixes).
- netfilter: nf_tables: Unconditionally allocate nft_obj_filter (git-fixes).
- netfilter: nf_tables: audit log object reset once per table (git-fixes).
- netfilter: nf_tables: bogus ENOENT when destroying element which does not exist (git-fixes).
- netfilter: nf_tables: disallow element removal on anonymous sets (git-fixes).
- netfilter: nf_tables: do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: nft_obj_filter fits into cb->ctx (git-fixes).
- netfilter: nf_tables: remove catchall element in GC sync path (git-fixes).
- netfilter: nf_tables: revert do not remove elements if set backend implements .abort (git-fixes).
- netfilter: nf_tables: split async and sync catchall in two functions (git-fixes).
- netfilter: nfnetlink_log: silence bogus compiler warning (git-fixes).
- netfilter: nft_payload: fix wrong mac header matching (git-fixes).
- netfilter: nft_set_hash: try later when GC hits EAGAIN on iteration (git-fixes).
- netfilter: nft_set_pipapo: call nft_trans_gc_queue_sync() in catchall GC (git-fixes).
- netfilter: nft_set_pipapo: stop GC iteration if GC transaction allocation fails (git-fixes).
- netfilter: nft_set_rbtree: prefer sync gc to async worker (git-fixes).
- netfilter: nft_set_rbtree: rename gc deactivate+erase function (git-fixes).
- netfilter: xt_recent: fix (increase) ipv6 literal buffer length (git-fixes).
- nilfs2: fix CFI failure when accessing /sys/fs/nilfs2/features/* (git-fixes).
- nouveau: fix disabling the nonstall irq due to storm code (git-fixes).
- nvme-fc: use lock accessing port_state and rport state (bsc#1245193 bsc#1247500).
- nvme-pci: try function level reset on init failure (git-fixes).
- nvmet-fc: avoid scheduling association deletion twice (bsc#1245193 bsc#1247500).
- nvmet-fc: move lsop put work to nvmet_fc_ls_req_op (bsc#1245193 bsc#1247500).
- nvmet-fcloop: call done callback even when remote port is gone (bsc#1245193 bsc#1247500).
- orangefs: Remove unused type in macro fill_default_sys_attrs (git-fixes).
- pcmcia: Add error handling for add_interval() in do_validate_mem() (git-fixes).
- pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() (git-fixes).
- pcmcia: omap: Add missing check for platform_get_resource (git-fixes).
- phy: rockchip: naneng-combphy: Enable U3 OTG port for RK3568 (git-fixes).
- phy: tegra: xusb: fix device and OF node leak at probe (git-fixes).
- phy: ti-pipe3: fix device leak at unbind (git-fixes).
- pinctrl: equilibrium: Remove redundant semicolons (git-fixes).
- pinctrl: meson-gxl: add missing i2c_d pinmux (git-fixes).
- pinctrl: renesas: Use int type to store negative error codes (git-fixes).
- pinctrl: samsung: Drop unused S3C24xx driver data (git-fixes).
- platform/mellanox: mlxbf-pmc: Remove newline char from event name input (git-fixes).
- platform/mellanox: mlxbf-pmc: Validate event/enable input (git-fixes).
- platform/x86/amd/pmc: Add TUXEDO IB Pro Gen10 AMD to spurious 8042 quirks list (stable-fixes).
- platform/x86: dell-wmi-sysman: Fix class device unregistration (git-fixes).
- platform/x86: think-lmi: Fix class device unregistration (git-fixes).
- platform/x86: thinkpad_acpi: Handle KCOV __init vs inline mismatches (git-fixes).
- power: supply: bq27xxx: fix error return in case of no bq27000 hdq battery (git-fixes).
- power: supply: bq27xxx: restrict no-battery detection to bq27000 (git-fixes).
- power: supply: cw2015: Fix a alignment coding style issue (git-fixes).
- power: supply: max77976_charger: fix constant current reporting (git-fixes).
- pptp: fix pptp_xmit() error path (git-fixes).
- pwm: berlin: Fix wrong register in suspend/resume (git-fixes).
- pwm: tiehrpwm: Fix corner case in clock divisor calculation (git-fixes).
- pwm: tiehrpwm: Make code comment in .free() more useful (git-fixes).
- rcu-tasks: Add data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Eliminate deadlocks involving do_exit() and RCU (bsc#1246298)
- rcu-tasks: Initialize callback lists at rcu_init() time (bsc#1246298)
- rcu-tasks: Initialize data to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain lists to eliminate RCU-tasks/do_exit() (bsc#1246298)
- rcu-tasks: Maintain real-time response in (bsc#1246298)
- rcu/exp: Fix RCU expedited parallel grace period kworker (git-fixes)
- rcu/exp: Handle RCU expedited grace period kworker allocation (git-fixes)
- rcu: Fix racy re-initialization of irq_work causing hangs (git-fixes)
- regmap: Remove superfluous check for !config in __regmap_init() (git-fixes).
- regulator: scmi: Use int type to store negative error codes (git-fixes).
- regulator: sy7636a: fix lifecycle of power good gpio (git-fixes).
- rpm: Configure KABI checkingness macro (bsc#1249186).
- rpm: Drop support for kabi/arch/ignore-flavor (bsc#1249186).
- rpm: Link arch-symbols script from scripts directory.
- rpm: Link guards script from scripts directory.
- s390/cpum_cf: Deny all sampling events by counter PMU (git-fixes bsc#1249481).
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (git-fixes bsc#1248733 LTC#214881).
- s390/hypfs: Enable limited access during lockdown (git-fixes bsc#1248733 LTC#214881).
- s390/ism: fix concurrency management in ism_cmd() (git-fixes bsc#1248735).
- s390/pai: Deny all events not handled by this PMU (git-fixes bsc#1249482).
- s390/pci: Allow automatic recovery with minimal driver support (git-fixes bsc#1248734 LTC#214880).
- s390/sclp: Fix SCCB present check (git-fixes bsc#1249123).
- s390/stp: Remove udelay from stp_sync_clock() (git-fixes bsc#1249124).
- s390/time: Use monotonic clock in get_cycles() (git-fixes bsc#1249125).
- s390/vfio-ap: Fix no AP queue sharing allowed message written to kernel log (git-fixes bsc#1249488).
- sched/deadline: Collect sched_dl_entity initialization (git-fixes)
- sched/fair: Remove unused parameter from sched_asym() (git-fixes)
- sched/fair: Take the scheduling domain into account in (git-fixes)
- sched/isolation: Fix boot crash when maxcpus < first (git-fixes)
- sched/numa, mm: do not try to migrate memory to memoryless (git-fixes)
- scsi: fc: Avoid -Wflex-array-member-not-at-end warnings (bsc#1250519).
- scsi: lpfc: Abort outstanding ELS WQEs regardless of if rmmod is in progress (bsc#1250519).
- scsi: lpfc: Check return status of lpfc_reset_flush_io_context during TGT_RESET (bsc#1250519).
- scsi: lpfc: Clean up allocated queues when queue setup mbox commands fail (bsc#1250519).
- scsi: lpfc: Copyright updates for 14.4.0.11 patches (bsc#1250519).
- scsi: lpfc: Decrement ndlp kref after FDISC retries exhausted (bsc#1250519).
- scsi: lpfc: Ensure PLOGI_ACC is sent prior to PRLI in Point to Point topology (bsc#1250519).
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (bsc#1250519).
- scsi: lpfc: Fix wrong function reference in a comment (bsc#1250519).
- scsi: lpfc: Remove ndlp kref decrement clause for F_Port_Ctrl in lpfc_cleanup (bsc#1250519).
- scsi: lpfc: Remove redundant assignment to avoid memory leak (bsc#1250519).
- scsi: lpfc: Remove unused member variables in struct lpfc_hba and lpfc_vport (bsc#1250519).
- scsi: lpfc: Update lpfc version to 14.4.0.11 (bsc#1250519).
- scsi: lpfc: Use int type to store negative error codes (bsc#1250519).
- scsi: lpfc: use min() to improve code (bsc#1250519).
- scsi: qla2xxx: Avoid stack frame size warning in qla_dfs (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in START_SP_W_RETRIES() (git-fixes).
- scsi: qla2xxx: Fix incorrect sign of error code in qla_nvme_xmt_ls_rsp() (git-fixes).
- scsi: qla2xxx: Remove firmware URL (git-fixes).
- scsi: qla2xxx: Use secs_to_jiffies() instead of msecs_to_jiffies() (git-fixes).
- scsi: qla2xxx: edif: Fix incorrect sign of error code (git-fixes).
- seccomp: Fix a race with WAIT_KILLABLE_RECV if the tracer replies too fast (git-fixes).
- selftests/bpf: Add asserts for netfilter link info (git-fixes).
- selftests/bpf: Add cmp_map_pointer_with_const test (git-fixes).
- selftests/bpf: Add test cases with CONST_PTR_TO_MAP null checks (git-fixes).
- selftests/bpf: adapt one more case in test_lru_map to the new target_free (git-fixes).
- selftests/cpufreq: Fix cpufreq basic read and update testcases (bsc#1250344).
- selftests: bpf: test batch lookup on array of maps with holes (git-fixes).
- serial: max310x: Add error checking in probe() (git-fixes).
- serial: sc16is7xx: fix bug in flow control levels init (git-fixes).
- soc: qcom: rpmh-rsc: Unconditionally clear _TRIGGER bit for TCS (git-fixes).
- spi: bcm2835: Remove redundant semicolons (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before DAC access (git-fixes).
- spi: cadence-quadspi: Flush posted register writes before INDAC access (git-fixes).
- spi: mtk-snfi: Remove redundant semicolons (git-fixes).
- spi: spi-fsl-lpspi: Fix transmissions when using CONT (git-fixes).
- spi: spi-fsl-lpspi: Reset FIFO and disable module on transfer abort (git-fixes).
- spi: spi-fsl-lpspi: Set correct chip-select polarity bit (git-fixes).
- struct cdc_ncm_ctx: hide new member filtering_supported (git-fixes).
- struct ci_hdrc: new member has_short_pkt_limit to end (git-fixes).
- struct l2cap_chan: shift new member rx_avail to end (git-fixes).
- supported.conf: mark hyperv_drm as external
- thermal/drivers/qcom/lmh: Add missing IRQ includes (git-fixes).
- thunderbolt: Compare HMAC values in constant time (git-fixes).
- tty: hvc_console: Call hvc_kick in hvc_write unconditionally (bsc#1230062).
- tty: n_gsm: Do not block input queue by waiting MSC (git-fixes).
- uio: uio_pdrv_genirq: Remove MODULE_DEVICE_TABLE (git-fixes).
- usb: chipidea: add CI_HDRC_HAS_SHORT_PKT_LIMIT flag (git-fixes).
- usb: core: Add 0x prefix to quirks debug output (stable-fixes).
- usb: dwc3: imx8mp: fix device leak at unbind (git-fixes).
- usb: dwc3: qcom: Do not leave BCR asserted (git-fixes).
- usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup (git-fixes).
- usb: misc: qcom_eud: Access EUD_MODE_MANAGER2 through secure calls (git-fixes).
- usb: typec: fusb302: cache PD RX state (git-fixes).
- usb: typec: maxim_contaminant: disable low power mode when reading comparator values (git-fixes).
- usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean (git-fixes).
- usb: typec: tcpci: use GENMASK() for TCPC_ROLE_CTRL_CC[12] (git-fixes).
- usb: typec: tcpm/tcpci_maxim: fix non-contaminant CC handling (git-fixes).
- usb: typec: tcpm/tcpci_maxim: use GENMASK() for TCPC_VENDOR_CC_CTRL2 register (git-fixes).
- usb: xhci: Fix invalid pointer dereference in Etron workaround (git-fixes).
- use uniform permission checks for all mount propagation changes (git-fixes).
- vhost-scsi: Fix log flooding with target does not exist errors (git-fixes).
- vhost-scsi: Return queue full for page alloc failures during copy (git-fixes).
- vhost/net: Protect ubufs with rcu read lock in vhost_net_ubuf_put() (git-fixes).
- vhost/vsock: Avoid allocating arbitrarily-sized SKBs (git-fixes).
- vhost: fail early when __vhost_add_used() fails (git-fixes).
- vsock/virtio: Resize receive buffers so that each SKB fits in a 4K page (git-fixes).
- vsock/virtio: fix `rx_bytes` accounting for stream sockets (git-fixes).
- vsock: Allow retrying on connect() failure (git-fixes).
- vsock: Fix IOCTL_VM_SOCKETS_GET_LOCAL_CID to check also `transport_local` (git-fixes).
- vsock: avoid timeout during connect() if the socket is closing (git-fixes).
- watchdog: mpc8xxx_wdt: Reload the watchdog timer when enabling the watchdog (git-fixes).
- wifi: ath10k: avoid unnecessary wait for service ready message (git-fixes).
- wifi: ath11k: HAL SRNG: do not deinitialize and re-initialize again (git-fixes).
- wifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load() (git-fixes).
- wifi: ath11k: fix group data packet drops during rekey (git-fixes).
- wifi: ath12k: Add MODULE_FIRMWARE() entries (bsc#1250952).
- wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work (git-fixes).
- wifi: cfg80211: fix use-after-free in cmp_bss() (git-fixes).
- wifi: cfg80211: remove cfg80211_inform_single_bss_frame_data() (git-fixes).
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (git-fixes).
- wifi: cw1200: cap SSID length in cw1200_do_join() (git-fixes).
- wifi: iwlwifi: uefi: check DSM item validity (git-fixes).
- wifi: libertas: cap SSID len in lbs_associate() (git-fixes).
- wifi: mac80211: fix Rx packet handling when pubsta information is not available (git-fixes).
- wifi: mac80211: fix incorrect type for ret (stable-fixes).
- wifi: mac80211: increase scan_ies_len for S1G (stable-fixes).
- wifi: mt76: fix potential memory leak in mt76_wmac_probe() (git-fixes).
- wifi: mt76: mt7996: Initialize hdr before passing to skb_put_data() (git-fixes).
- wifi: mwifiex: Initialize the chan_stats array to zero (git-fixes).
- wifi: mwifiex: send world regulatory domain to driver (git-fixes).
- wifi: rtw89: avoid circular locking dependency in ser_state_run() (git-fixes).
- wifi: virt_wifi: Fix page fault on connect (stable-fixes).
- wifi: wilc1000: avoid buffer overflow in WID string configuration (stable-fixes).
- wireless: purelifi: plfxlc: fix memory leak in plfxlc_usb_wreq_asyn() (git-fixes).
- writeback: Avoid contention on wb->list_lock when switching inodes (bsc#1237776).
- writeback: Avoid contention on wb->list_lock when switching inodes (kABI fixup) (bsc#1237776).
- writeback: Avoid excessively long inode switching times (bsc#1237776).
- writeback: Avoid softlockup when switching many inodes (bsc#1237776).
- wrt: Regression fix for wrt s2idle on AMD laptops (bsc#1243112).
- x86/CPU/AMD: WARN when setting EFER.AUTOIBRS if and only if the WRMSR fails (git-fixes).
- x86/Kconfig: Always enable ARCH_SPARSEMEM_ENABLE (git-fixes).
- x86/amd_nb: Restrict init function to AMD-based systems (git-fixes).
- x86/cpu: Add model number for Intel Clearwater Forest processor (git-fixes).
- x86/fpu: Delay instruction pointer fixup until after warning (git-fixes).
- x86/microcode/AMD: Handle the case of no BIOS microcode (git-fixes).
- x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() (git-fixes).
- x86/rdrand: Disable RDSEED on AMD Cyan Skillfish (git-fixes).
- xen/gntdev: remove struct gntdev_copy_batch from stack (git-fixes).
- xen/netfront: Fix TX response spurious interrupts (git-fixes).
- xen: Add support for XenServer 6.1 platform device (git-fixes).
- xenbus: Allow PVH dom0 a non-local xenstore (git-fixes).
- xfs: rearrange code in xfs_inode_item_precommit (bsc#1237449).
- xfs: rework datasync tracking and execution (bsc#1237449).
- xhci: Fix control transfer error on Etron xHCI host (git-fixes).
- xhci: dbc: Fix full DbC transfer ring after several reconnects (git-fixes).
- xhci: fix memory leak regression when freeing xhci vdev devices depth first (git-fixes).
- xirc2ps_cs: fix register access when enabling FullDuplex (git-fixes).
Patchnames
SUSE-2025-3600,SUSE-SLE-Module-Basesystem-15-SP6-2025-3600,SUSE-SLE-Module-Development-Tools-15-SP6-2025-3600,SUSE-SLE-Module-Legacy-15-SP6-2025-3600,SUSE-SLE-Module-Live-Patching-15-SP6-2025-3600,SUSE-SLE-Product-HA-15-SP6-2025-3600,SUSE-SLE-Product-WE-15-SP6-2025-3600,openSUSE-SLE-15.6-2025-3600
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).