suse-su-2025:4128-1
Vulnerability from csaf_suse
Published
2025-11-18 13:51
Modified
2025-11-18 13:51
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues
The following security issues were fixed:
- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).
- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).
- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).
- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).
- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).
- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated (bsc#1249182).
- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).
- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).
- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).
- CVE-2025-39683: tracing: Limit access to parser->buffer when trace_get_user failed (bsc#1249286).
- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).
- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).
- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).
- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).
- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).
- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).
- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).
- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).
- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).
- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).
- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).
- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).
- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).
- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).
- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).
- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).
- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).
- CVE-2025-39949: qed: Don't collect too many protection override GRC elements (bsc#1251177).
- CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect() (bsc#1251804).
- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).
- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).
- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).
- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).
- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).
- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).
- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).
- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).
- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).
- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).
- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).
- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).
- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).
- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).
- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).
- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).
The following non security issues were fixed:
- ACPI: battery: Add synchronization between interface updates (git-fixes).
- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).
- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).
- KVM: x86: Process 'guest stopped request' once per guest time update (git-fixes).
- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).
- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).
- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).
- ext4: fix checks for orphan inodes (bsc#1250119).
- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).
- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).
- module: Prevent silent truncation of module name in delete_module(2) (git-fixes).
- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).
- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).
- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).
- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).
- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).
- powerpc/boot: Fix build with gcc 15 (bsc#1215199).
- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).
- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).
- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).
- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).
- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)
- proc: fix type confusion in pde_set_flags() (bsc#1248630)
- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).
- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).
- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).
- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).
- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).
- tracing: Remove unneeded goto out logic (bsc#1249286).
- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).
Patchnames
SUSE-2025-4128,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-4128,openSUSE-SLE-15.6-2025-4128
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 Azure kernel was updated to fix various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-38008: mm/page_alloc: fix race condition in unaccepted memory handling (bsc#1244939).\n- CVE-2025-38539: trace/fgraph: Fix the warning caused by missing unregister notifier (bsc#1248211).\n- CVE-2025-38552: mptcp: plug races between subflow fail and subflow creation (bsc#1248230).\n- CVE-2025-38653: proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (bsc#1248630).\n- CVE-2025-38699: scsi: bfa: Double-free fix (bsc#1249224).\n- CVE-2025-38700: scsi: libiscsi: Initialize iscsi_conn-\u003edd_data only if memory is allocated (bsc#1249182).\n- CVE-2025-38718: sctp: linearize cloned gso packets in sctp_rcv (bsc#1249161).\n- CVE-2025-39673: ppp: fix race conditions in ppp_fill_forward_path (bsc#1249320).\n- CVE-2025-39676: scsi: qla4xxx: Prevent a potential error pointer dereference (bsc#1249302).\n- CVE-2025-39683: tracing: Limit access to parser-\u003ebuffer when trace_get_user failed (bsc#1249286).\n- CVE-2025-39697: nfs: remove dead code for the old swap over NFS implementation (bsc#1249319).\n- CVE-2025-39702: ipv6: sr: Fix MAC comparison to be constant-time (bsc#1249317).\n- CVE-2025-39756: fs: Prevent file descriptor table allocations exceeding INT_MAX (bsc#1249512).\n- CVE-2025-39794: ARM: tegra: Use I/O memcpy to write to IRAM (bsc#1249595).\n- CVE-2025-39812: sctp: initialize more fields in sctp_v6_from_sk() (bsc#1250202).\n- CVE-2025-39813: ftrace: Fix potential warning in trace_printk_seq during ftrace_dump (bsc#1250032).\n- CVE-2025-39851: vxlan: Fix NPD when refreshing an FDB entry with a nexthop object (bsc#1250296).\n- CVE-2025-39866: fs: writeback: fix use-after-free in __mark_inode_dirty() (bsc#1250455).\n- CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() (bsc#1250400).\n- CVE-2025-39881: kernfs: Fix UAF in polling when open file is released (bsc#1250379).\n- CVE-2025-39895: sched: Fix sched_numa_find_nth_cpu() if mask offline (bsc#1250721).\n- CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err() (bsc#1250702).\n- CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path (bsc#1250704).\n- CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task (bsc#1251230).\n- CVE-2025-39946: tls: make sure to abort the stream if headers are bogus (bsc#1251114).\n- CVE-2025-39947: net/mlx5e: Harden uplink netdev access against device unbind (bsc#1251232).\n- CVE-2025-39948: ice: fix Rx page leak on multi-buffer frames (bsc#1251233).\n- CVE-2025-39949: qed: Don\u0027t collect too many protection override GRC elements (bsc#1251177).\n- CVE-2025-39955: tcp: Clear tcp_sk(sk)-\u003efastopen_rsk in tcp_disconnect() (bsc#1251804).\n- CVE-2025-39968: i40e: add max boundary check for VF filters (bsc#1252047).\n- CVE-2025-39969: i40e: fix validation of VF state in get resources (bsc#1252044).\n- CVE-2025-39970: i40e: fix input validation logic for action_meta (bsc#1252051).\n- CVE-2025-39971: i40e: fix idx validation in config queues msg (bsc#1252052).\n- CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map (bsc#1252039).\n- CVE-2025-39973: i40e: add validation for ring_len param (bsc#1252035).\n- CVE-2025-39978: octeontx2-pf: Fix potential use after free in otx2_tc_add_flow() (bsc#1252069).\n- CVE-2025-40000: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait() (bsc#1252062).\n- CVE-2025-40005: spi: cadence-quadspi: Implement refcount to handle unbind during busy (bsc#1252349).\n- CVE-2025-40018: ipvs: Defer ip_vs_ftp unregister during netns cleanup (bsc#1252688).\n- CVE-2025-40051: vhost: vringh: Modify the return value check (bsc#1252858).\n- CVE-2025-40056: vhost: vringh: Fix copy_to_iter return value check (bsc#1252826).\n- CVE-2025-40060: coresight: trbe: Return NULL pointer for allocation failures (bsc#1252848).\n- CVE-2025-40078: bpf: Explicitly check accesses to bpf_sock_addr (bsc#1252789).\n- CVE-2025-40080: nbd: restrict sockets to TCP and UDP (bsc#1252774).\n- CVE-2025-40100: btrfs: do not assert we found block group item when creating free space tree (bsc#1252918).\n\nThe following non security issues were fixed:\n\n- ACPI: battery: Add synchronization between interface updates (git-fixes).\n- KVM: PPC: Fix misleading interrupts comment in kvmppc_prepare_to_enter() (bsc#1215199).\n- KVM: x86: Plumb in the vCPU to kvm_x86_ops.hwapic_isr_update() (git-fixes).\n- KVM: x86: Process \u0027guest stopped request\u0027 once per guest time update (git-fixes).\n- bpf: Allow helper bpf_get_[ns_]current_pid_tgid() for all prog types (bsc#1252364).\n- cpufreq: intel_pstate: Fix object lifecycle issue in update_qos_request() (stable-fixes git-fixes).\n- drm/amd/pm: fix smu table id bound check issue in smu_cmn_update_table() (git-fixes).\n- ext4: fix checks for orphan inodes (bsc#1250119).\n- hfsplus: fix KMSAN uninit-value issue in hfsplus_delete_cat() (git-fixes).\n- kdb: Replace deprecated strcpy() with memmove() in vkdb_printf() (bsc#1252939).\n- module: Prevent silent truncation of module name in delete_module(2) (git-fixes).\n- net: mana: Use page pool fragments for RX buffers instead of full pages to improve memory efficiency (bsc#1248754).\n- netfilter: nft_objref: validate objref and objrefmap expressions (bsc#1250237).\n- perf/x86/intel: Allow to update user space GPRs from PEBS records (git-fixes).\n- perf/x86/intel: Fix crash in icl_update_topdown_event() (git-fixes).\n- phy: cadence: cdns-dphy: Update calibration wait time for startup state machine (git-fixes).\n- powerpc/boot: Fix build with gcc 15 (bsc#1215199).\n- powerpc/kvm: Fix ifdef to remove build warning (bsc#1215199).\n- powerpc/powernv/pci: Fix underflow and leak issue (bsc#1215199).\n- powerpc/pseries/msi: Fix potential underflow and leak issue (bsc#1215199).\n- powerpc: floppy: Add missing checks after DMA map (bsc#1215199).\n- proc: fix missing pde_set_flags() for net proc files (bsc#1248630)\n- proc: fix type confusion in pde_set_flags() (bsc#1248630)\n- sched/idle: Conditionally handle tick broadcast in default_idle_call() (bsc#1248517).\n- skmsg: Return copied bytes in sk_msg_memcopy_from_iter (bsc#1250650).\n- smb: client: fix crypto buffers in non-linear memory (bsc#1250491, bsc#1239206).\n- smb: client: fix potential cfid UAF in smb2_query_info_compound (bsc#1248886).\n- tcp_bpf: Fix copied value in tcp_bpf_sendmsg (bsc#1250650).\n- tracing: Remove unneeded goto out logic (bsc#1249286).\n- x86/idle: Sanitize X86_BUG_AMD_E400 handling (bsc#1248517).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-4128,SUSE-SLE-Module-Public-Cloud-15-SP6-2025-4128,openSUSE-SLE-15.6-2025-4128",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_4128-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:4128-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20254128-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:4128-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-November/023299.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1214954",
"url": "https://bugzilla.suse.com/1214954"
},
{
"category": "self",
"summary": "SUSE Bug 1215143",
"url": "https://bugzilla.suse.com/1215143"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1216396",
"url": "https://bugzilla.suse.com/1216396"
},
{
"category": "self",
"summary": "SUSE Bug 1220419",
"url": "https://bugzilla.suse.com/1220419"
},
{
"category": "self",
"summary": "SUSE Bug 1239206",
"url": "https://bugzilla.suse.com/1239206"
},
{
"category": "self",
"summary": "SUSE Bug 1244939",
"url": "https://bugzilla.suse.com/1244939"
},
{
"category": "self",
"summary": "SUSE Bug 1248211",
"url": "https://bugzilla.suse.com/1248211"
},
{
"category": "self",
"summary": "SUSE Bug 1248230",
"url": "https://bugzilla.suse.com/1248230"
},
{
"category": "self",
"summary": "SUSE Bug 1248517",
"url": "https://bugzilla.suse.com/1248517"
},
{
"category": "self",
"summary": "SUSE Bug 1248630",
"url": "https://bugzilla.suse.com/1248630"
},
{
"category": "self",
"summary": "SUSE Bug 1248754",
"url": "https://bugzilla.suse.com/1248754"
},
{
"category": "self",
"summary": "SUSE Bug 1248886",
"url": "https://bugzilla.suse.com/1248886"
},
{
"category": "self",
"summary": "SUSE Bug 1249161",
"url": "https://bugzilla.suse.com/1249161"
},
{
"category": "self",
"summary": "SUSE Bug 1249182",
"url": "https://bugzilla.suse.com/1249182"
},
{
"category": "self",
"summary": "SUSE Bug 1249224",
"url": "https://bugzilla.suse.com/1249224"
},
{
"category": "self",
"summary": "SUSE Bug 1249286",
"url": "https://bugzilla.suse.com/1249286"
},
{
"category": "self",
"summary": "SUSE Bug 1249302",
"url": "https://bugzilla.suse.com/1249302"
},
{
"category": "self",
"summary": "SUSE Bug 1249317",
"url": "https://bugzilla.suse.com/1249317"
},
{
"category": "self",
"summary": "SUSE Bug 1249319",
"url": "https://bugzilla.suse.com/1249319"
},
{
"category": "self",
"summary": "SUSE Bug 1249320",
"url": "https://bugzilla.suse.com/1249320"
},
{
"category": "self",
"summary": "SUSE Bug 1249512",
"url": "https://bugzilla.suse.com/1249512"
},
{
"category": "self",
"summary": "SUSE Bug 1249595",
"url": "https://bugzilla.suse.com/1249595"
},
{
"category": "self",
"summary": "SUSE Bug 1249608",
"url": "https://bugzilla.suse.com/1249608"
},
{
"category": "self",
"summary": "SUSE Bug 1250032",
"url": "https://bugzilla.suse.com/1250032"
},
{
"category": "self",
"summary": "SUSE Bug 1250119",
"url": "https://bugzilla.suse.com/1250119"
},
{
"category": "self",
"summary": "SUSE Bug 1250202",
"url": "https://bugzilla.suse.com/1250202"
},
{
"category": "self",
"summary": "SUSE Bug 1250237",
"url": "https://bugzilla.suse.com/1250237"
},
{
"category": "self",
"summary": "SUSE Bug 1250274",
"url": "https://bugzilla.suse.com/1250274"
},
{
"category": "self",
"summary": "SUSE Bug 1250296",
"url": "https://bugzilla.suse.com/1250296"
},
{
"category": "self",
"summary": "SUSE Bug 1250379",
"url": "https://bugzilla.suse.com/1250379"
},
{
"category": "self",
"summary": "SUSE Bug 1250400",
"url": "https://bugzilla.suse.com/1250400"
},
{
"category": "self",
"summary": "SUSE Bug 1250455",
"url": "https://bugzilla.suse.com/1250455"
},
{
"category": "self",
"summary": "SUSE Bug 1250491",
"url": "https://bugzilla.suse.com/1250491"
},
{
"category": "self",
"summary": "SUSE Bug 1250519",
"url": "https://bugzilla.suse.com/1250519"
},
{
"category": "self",
"summary": "SUSE Bug 1250650",
"url": "https://bugzilla.suse.com/1250650"
},
{
"category": "self",
"summary": "SUSE Bug 1250702",
"url": "https://bugzilla.suse.com/1250702"
},
{
"category": "self",
"summary": "SUSE Bug 1250704",
"url": "https://bugzilla.suse.com/1250704"
},
{
"category": "self",
"summary": "SUSE Bug 1250721",
"url": "https://bugzilla.suse.com/1250721"
},
{
"category": "self",
"summary": "SUSE Bug 1250742",
"url": "https://bugzilla.suse.com/1250742"
},
{
"category": "self",
"summary": "SUSE Bug 1250946",
"url": "https://bugzilla.suse.com/1250946"
},
{
"category": "self",
"summary": "SUSE Bug 1251024",
"url": "https://bugzilla.suse.com/1251024"
},
{
"category": "self",
"summary": "SUSE Bug 1251027",
"url": "https://bugzilla.suse.com/1251027"
},
{
"category": "self",
"summary": "SUSE Bug 1251028",
"url": "https://bugzilla.suse.com/1251028"
},
{
"category": "self",
"summary": "SUSE Bug 1251031",
"url": "https://bugzilla.suse.com/1251031"
},
{
"category": "self",
"summary": "SUSE Bug 1251035",
"url": "https://bugzilla.suse.com/1251035"
},
{
"category": "self",
"summary": "SUSE Bug 1251038",
"url": "https://bugzilla.suse.com/1251038"
},
{
"category": "self",
"summary": "SUSE Bug 1251043",
"url": "https://bugzilla.suse.com/1251043"
},
{
"category": "self",
"summary": "SUSE Bug 1251045",
"url": "https://bugzilla.suse.com/1251045"
},
{
"category": "self",
"summary": "SUSE Bug 1251052",
"url": "https://bugzilla.suse.com/1251052"
},
{
"category": "self",
"summary": "SUSE Bug 1251053",
"url": "https://bugzilla.suse.com/1251053"
},
{
"category": "self",
"summary": "SUSE Bug 1251054",
"url": "https://bugzilla.suse.com/1251054"
},
{
"category": "self",
"summary": "SUSE Bug 1251056",
"url": "https://bugzilla.suse.com/1251056"
},
{
"category": "self",
"summary": "SUSE Bug 1251057",
"url": "https://bugzilla.suse.com/1251057"
},
{
"category": "self",
"summary": "SUSE Bug 1251059",
"url": "https://bugzilla.suse.com/1251059"
},
{
"category": "self",
"summary": "SUSE Bug 1251060",
"url": "https://bugzilla.suse.com/1251060"
},
{
"category": "self",
"summary": "SUSE Bug 1251065",
"url": "https://bugzilla.suse.com/1251065"
},
{
"category": "self",
"summary": "SUSE Bug 1251066",
"url": "https://bugzilla.suse.com/1251066"
},
{
"category": "self",
"summary": "SUSE Bug 1251067",
"url": "https://bugzilla.suse.com/1251067"
},
{
"category": "self",
"summary": "SUSE Bug 1251068",
"url": "https://bugzilla.suse.com/1251068"
},
{
"category": "self",
"summary": "SUSE Bug 1251071",
"url": "https://bugzilla.suse.com/1251071"
},
{
"category": "self",
"summary": "SUSE Bug 1251076",
"url": "https://bugzilla.suse.com/1251076"
},
{
"category": "self",
"summary": "SUSE Bug 1251079",
"url": "https://bugzilla.suse.com/1251079"
},
{
"category": "self",
"summary": "SUSE Bug 1251081",
"url": "https://bugzilla.suse.com/1251081"
},
{
"category": "self",
"summary": "SUSE Bug 1251083",
"url": "https://bugzilla.suse.com/1251083"
},
{
"category": "self",
"summary": "SUSE Bug 1251084",
"url": "https://bugzilla.suse.com/1251084"
},
{
"category": "self",
"summary": "SUSE Bug 1251100",
"url": "https://bugzilla.suse.com/1251100"
},
{
"category": "self",
"summary": "SUSE Bug 1251105",
"url": "https://bugzilla.suse.com/1251105"
},
{
"category": "self",
"summary": "SUSE Bug 1251106",
"url": "https://bugzilla.suse.com/1251106"
},
{
"category": "self",
"summary": "SUSE Bug 1251108",
"url": "https://bugzilla.suse.com/1251108"
},
{
"category": "self",
"summary": "SUSE Bug 1251113",
"url": "https://bugzilla.suse.com/1251113"
},
{
"category": "self",
"summary": "SUSE Bug 1251114",
"url": "https://bugzilla.suse.com/1251114"
},
{
"category": "self",
"summary": "SUSE Bug 1251119",
"url": "https://bugzilla.suse.com/1251119"
},
{
"category": "self",
"summary": "SUSE Bug 1251123",
"url": "https://bugzilla.suse.com/1251123"
},
{
"category": "self",
"summary": "SUSE Bug 1251126",
"url": "https://bugzilla.suse.com/1251126"
},
{
"category": "self",
"summary": "SUSE Bug 1251132",
"url": "https://bugzilla.suse.com/1251132"
},
{
"category": "self",
"summary": "SUSE Bug 1251134",
"url": "https://bugzilla.suse.com/1251134"
},
{
"category": "self",
"summary": "SUSE Bug 1251143",
"url": "https://bugzilla.suse.com/1251143"
},
{
"category": "self",
"summary": "SUSE Bug 1251146",
"url": "https://bugzilla.suse.com/1251146"
},
{
"category": "self",
"summary": "SUSE Bug 1251150",
"url": "https://bugzilla.suse.com/1251150"
},
{
"category": "self",
"summary": "SUSE Bug 1251152",
"url": "https://bugzilla.suse.com/1251152"
},
{
"category": "self",
"summary": "SUSE Bug 1251153",
"url": "https://bugzilla.suse.com/1251153"
},
{
"category": "self",
"summary": "SUSE Bug 1251159",
"url": "https://bugzilla.suse.com/1251159"
},
{
"category": "self",
"summary": "SUSE Bug 1251161",
"url": "https://bugzilla.suse.com/1251161"
},
{
"category": "self",
"summary": "SUSE Bug 1251170",
"url": "https://bugzilla.suse.com/1251170"
},
{
"category": "self",
"summary": "SUSE Bug 1251177",
"url": "https://bugzilla.suse.com/1251177"
},
{
"category": "self",
"summary": "SUSE Bug 1251180",
"url": "https://bugzilla.suse.com/1251180"
},
{
"category": "self",
"summary": "SUSE Bug 1251206",
"url": "https://bugzilla.suse.com/1251206"
},
{
"category": "self",
"summary": "SUSE Bug 1251215",
"url": "https://bugzilla.suse.com/1251215"
},
{
"category": "self",
"summary": "SUSE Bug 1251216",
"url": "https://bugzilla.suse.com/1251216"
},
{
"category": "self",
"summary": "SUSE Bug 1251222",
"url": "https://bugzilla.suse.com/1251222"
},
{
"category": "self",
"summary": "SUSE Bug 1251230",
"url": "https://bugzilla.suse.com/1251230"
},
{
"category": "self",
"summary": "SUSE Bug 1251232",
"url": "https://bugzilla.suse.com/1251232"
},
{
"category": "self",
"summary": "SUSE Bug 1251233",
"url": "https://bugzilla.suse.com/1251233"
},
{
"category": "self",
"summary": "SUSE Bug 1251247",
"url": "https://bugzilla.suse.com/1251247"
},
{
"category": "self",
"summary": "SUSE Bug 1251268",
"url": "https://bugzilla.suse.com/1251268"
},
{
"category": "self",
"summary": "SUSE Bug 1251269",
"url": "https://bugzilla.suse.com/1251269"
},
{
"category": "self",
"summary": "SUSE Bug 1251270",
"url": "https://bugzilla.suse.com/1251270"
},
{
"category": "self",
"summary": "SUSE Bug 1251282",
"url": "https://bugzilla.suse.com/1251282"
},
{
"category": "self",
"summary": "SUSE Bug 1251283",
"url": "https://bugzilla.suse.com/1251283"
},
{
"category": "self",
"summary": "SUSE Bug 1251286",
"url": "https://bugzilla.suse.com/1251286"
},
{
"category": "self",
"summary": "SUSE Bug 1251290",
"url": "https://bugzilla.suse.com/1251290"
},
{
"category": "self",
"summary": "SUSE Bug 1251319",
"url": "https://bugzilla.suse.com/1251319"
},
{
"category": "self",
"summary": "SUSE Bug 1251321",
"url": "https://bugzilla.suse.com/1251321"
},
{
"category": "self",
"summary": "SUSE Bug 1251323",
"url": "https://bugzilla.suse.com/1251323"
},
{
"category": "self",
"summary": "SUSE Bug 1251328",
"url": "https://bugzilla.suse.com/1251328"
},
{
"category": "self",
"summary": "SUSE Bug 1251529",
"url": "https://bugzilla.suse.com/1251529"
},
{
"category": "self",
"summary": "SUSE Bug 1251721",
"url": "https://bugzilla.suse.com/1251721"
},
{
"category": "self",
"summary": "SUSE Bug 1251732",
"url": "https://bugzilla.suse.com/1251732"
},
{
"category": "self",
"summary": "SUSE Bug 1251742",
"url": "https://bugzilla.suse.com/1251742"
},
{
"category": "self",
"summary": "SUSE Bug 1251743",
"url": "https://bugzilla.suse.com/1251743"
},
{
"category": "self",
"summary": "SUSE Bug 1251746",
"url": "https://bugzilla.suse.com/1251746"
},
{
"category": "self",
"summary": "SUSE Bug 1251748",
"url": "https://bugzilla.suse.com/1251748"
},
{
"category": "self",
"summary": "SUSE Bug 1251749",
"url": "https://bugzilla.suse.com/1251749"
},
{
"category": "self",
"summary": "SUSE Bug 1251750",
"url": "https://bugzilla.suse.com/1251750"
},
{
"category": "self",
"summary": "SUSE Bug 1251754",
"url": "https://bugzilla.suse.com/1251754"
},
{
"category": "self",
"summary": "SUSE Bug 1251755",
"url": "https://bugzilla.suse.com/1251755"
},
{
"category": "self",
"summary": "SUSE Bug 1251756",
"url": "https://bugzilla.suse.com/1251756"
},
{
"category": "self",
"summary": "SUSE Bug 1251758",
"url": "https://bugzilla.suse.com/1251758"
},
{
"category": "self",
"summary": "SUSE Bug 1251759",
"url": "https://bugzilla.suse.com/1251759"
},
{
"category": "self",
"summary": "SUSE Bug 1251760",
"url": "https://bugzilla.suse.com/1251760"
},
{
"category": "self",
"summary": "SUSE Bug 1251762",
"url": "https://bugzilla.suse.com/1251762"
},
{
"category": "self",
"summary": "SUSE Bug 1251763",
"url": "https://bugzilla.suse.com/1251763"
},
{
"category": "self",
"summary": "SUSE Bug 1251764",
"url": "https://bugzilla.suse.com/1251764"
},
{
"category": "self",
"summary": "SUSE Bug 1251769",
"url": "https://bugzilla.suse.com/1251769"
},
{
"category": "self",
"summary": "SUSE Bug 1251771",
"url": "https://bugzilla.suse.com/1251771"
},
{
"category": "self",
"summary": "SUSE Bug 1251772",
"url": "https://bugzilla.suse.com/1251772"
},
{
"category": "self",
"summary": "SUSE Bug 1251777",
"url": "https://bugzilla.suse.com/1251777"
},
{
"category": "self",
"summary": "SUSE Bug 1251780",
"url": "https://bugzilla.suse.com/1251780"
},
{
"category": "self",
"summary": "SUSE Bug 1251804",
"url": "https://bugzilla.suse.com/1251804"
},
{
"category": "self",
"summary": "SUSE Bug 1251810",
"url": "https://bugzilla.suse.com/1251810"
},
{
"category": "self",
"summary": "SUSE Bug 1251930",
"url": "https://bugzilla.suse.com/1251930"
},
{
"category": "self",
"summary": "SUSE Bug 1251967",
"url": "https://bugzilla.suse.com/1251967"
},
{
"category": "self",
"summary": "SUSE Bug 1252033",
"url": "https://bugzilla.suse.com/1252033"
},
{
"category": "self",
"summary": "SUSE Bug 1252035",
"url": "https://bugzilla.suse.com/1252035"
},
{
"category": "self",
"summary": "SUSE Bug 1252039",
"url": "https://bugzilla.suse.com/1252039"
},
{
"category": "self",
"summary": "SUSE Bug 1252044",
"url": "https://bugzilla.suse.com/1252044"
},
{
"category": "self",
"summary": "SUSE Bug 1252047",
"url": "https://bugzilla.suse.com/1252047"
},
{
"category": "self",
"summary": "SUSE Bug 1252051",
"url": "https://bugzilla.suse.com/1252051"
},
{
"category": "self",
"summary": "SUSE Bug 1252052",
"url": "https://bugzilla.suse.com/1252052"
},
{
"category": "self",
"summary": "SUSE Bug 1252056",
"url": "https://bugzilla.suse.com/1252056"
},
{
"category": "self",
"summary": "SUSE Bug 1252060",
"url": "https://bugzilla.suse.com/1252060"
},
{
"category": "self",
"summary": "SUSE Bug 1252062",
"url": "https://bugzilla.suse.com/1252062"
},
{
"category": "self",
"summary": "SUSE Bug 1252064",
"url": "https://bugzilla.suse.com/1252064"
},
{
"category": "self",
"summary": "SUSE Bug 1252065",
"url": "https://bugzilla.suse.com/1252065"
},
{
"category": "self",
"summary": "SUSE Bug 1252069",
"url": "https://bugzilla.suse.com/1252069"
},
{
"category": "self",
"summary": "SUSE Bug 1252070",
"url": "https://bugzilla.suse.com/1252070"
},
{
"category": "self",
"summary": "SUSE Bug 1252072",
"url": "https://bugzilla.suse.com/1252072"
},
{
"category": "self",
"summary": "SUSE Bug 1252074",
"url": "https://bugzilla.suse.com/1252074"
},
{
"category": "self",
"summary": "SUSE Bug 1252075",
"url": "https://bugzilla.suse.com/1252075"
},
{
"category": "self",
"summary": "SUSE Bug 1252078",
"url": "https://bugzilla.suse.com/1252078"
},
{
"category": "self",
"summary": "SUSE Bug 1252079",
"url": "https://bugzilla.suse.com/1252079"
},
{
"category": "self",
"summary": "SUSE Bug 1252082",
"url": "https://bugzilla.suse.com/1252082"
},
{
"category": "self",
"summary": "SUSE Bug 1252083",
"url": "https://bugzilla.suse.com/1252083"
},
{
"category": "self",
"summary": "SUSE Bug 1252236",
"url": "https://bugzilla.suse.com/1252236"
},
{
"category": "self",
"summary": "SUSE Bug 1252265",
"url": "https://bugzilla.suse.com/1252265"
},
{
"category": "self",
"summary": "SUSE Bug 1252332",
"url": "https://bugzilla.suse.com/1252332"
},
{
"category": "self",
"summary": "SUSE Bug 1252336",
"url": "https://bugzilla.suse.com/1252336"
},
{
"category": "self",
"summary": "SUSE Bug 1252346",
"url": "https://bugzilla.suse.com/1252346"
},
{
"category": "self",
"summary": "SUSE Bug 1252348",
"url": "https://bugzilla.suse.com/1252348"
},
{
"category": "self",
"summary": "SUSE Bug 1252349",
"url": "https://bugzilla.suse.com/1252349"
},
{
"category": "self",
"summary": "SUSE Bug 1252364",
"url": "https://bugzilla.suse.com/1252364"
},
{
"category": "self",
"summary": "SUSE Bug 1252479",
"url": "https://bugzilla.suse.com/1252479"
},
{
"category": "self",
"summary": "SUSE Bug 1252481",
"url": "https://bugzilla.suse.com/1252481"
},
{
"category": "self",
"summary": "SUSE Bug 1252489",
"url": "https://bugzilla.suse.com/1252489"
},
{
"category": "self",
"summary": "SUSE Bug 1252490",
"url": "https://bugzilla.suse.com/1252490"
},
{
"category": "self",
"summary": "SUSE Bug 1252492",
"url": "https://bugzilla.suse.com/1252492"
},
{
"category": "self",
"summary": "SUSE Bug 1252495",
"url": "https://bugzilla.suse.com/1252495"
},
{
"category": "self",
"summary": "SUSE Bug 1252496",
"url": "https://bugzilla.suse.com/1252496"
},
{
"category": "self",
"summary": "SUSE Bug 1252499",
"url": "https://bugzilla.suse.com/1252499"
},
{
"category": "self",
"summary": "SUSE Bug 1252534",
"url": "https://bugzilla.suse.com/1252534"
},
{
"category": "self",
"summary": "SUSE Bug 1252536",
"url": "https://bugzilla.suse.com/1252536"
},
{
"category": "self",
"summary": "SUSE Bug 1252537",
"url": "https://bugzilla.suse.com/1252537"
},
{
"category": "self",
"summary": "SUSE Bug 1252550",
"url": "https://bugzilla.suse.com/1252550"
},
{
"category": "self",
"summary": "SUSE Bug 1252553",
"url": "https://bugzilla.suse.com/1252553"
},
{
"category": "self",
"summary": "SUSE Bug 1252559",
"url": "https://bugzilla.suse.com/1252559"
},
{
"category": "self",
"summary": "SUSE Bug 1252561",
"url": "https://bugzilla.suse.com/1252561"
},
{
"category": "self",
"summary": "SUSE Bug 1252564",
"url": "https://bugzilla.suse.com/1252564"
},
{
"category": "self",
"summary": "SUSE Bug 1252565",
"url": "https://bugzilla.suse.com/1252565"
},
{
"category": "self",
"summary": "SUSE Bug 1252566",
"url": "https://bugzilla.suse.com/1252566"
},
{
"category": "self",
"summary": "SUSE Bug 1252632",
"url": "https://bugzilla.suse.com/1252632"
},
{
"category": "self",
"summary": "SUSE Bug 1252668",
"url": "https://bugzilla.suse.com/1252668"
},
{
"category": "self",
"summary": "SUSE Bug 1252678",
"url": "https://bugzilla.suse.com/1252678"
},
{
"category": "self",
"summary": "SUSE Bug 1252679",
"url": "https://bugzilla.suse.com/1252679"
},
{
"category": "self",
"summary": "SUSE Bug 1252685",
"url": "https://bugzilla.suse.com/1252685"
},
{
"category": "self",
"summary": "SUSE Bug 1252688",
"url": "https://bugzilla.suse.com/1252688"
},
{
"category": "self",
"summary": "SUSE Bug 1252772",
"url": "https://bugzilla.suse.com/1252772"
},
{
"category": "self",
"summary": "SUSE Bug 1252774",
"url": "https://bugzilla.suse.com/1252774"
},
{
"category": "self",
"summary": "SUSE Bug 1252775",
"url": "https://bugzilla.suse.com/1252775"
},
{
"category": "self",
"summary": "SUSE Bug 1252785",
"url": "https://bugzilla.suse.com/1252785"
},
{
"category": "self",
"summary": "SUSE Bug 1252787",
"url": "https://bugzilla.suse.com/1252787"
},
{
"category": "self",
"summary": "SUSE Bug 1252789",
"url": "https://bugzilla.suse.com/1252789"
},
{
"category": "self",
"summary": "SUSE Bug 1252797",
"url": "https://bugzilla.suse.com/1252797"
},
{
"category": "self",
"summary": "SUSE Bug 1252822",
"url": "https://bugzilla.suse.com/1252822"
},
{
"category": "self",
"summary": "SUSE Bug 1252826",
"url": "https://bugzilla.suse.com/1252826"
},
{
"category": "self",
"summary": "SUSE Bug 1252841",
"url": "https://bugzilla.suse.com/1252841"
},
{
"category": "self",
"summary": "SUSE Bug 1252848",
"url": "https://bugzilla.suse.com/1252848"
},
{
"category": "self",
"summary": "SUSE Bug 1252849",
"url": "https://bugzilla.suse.com/1252849"
},
{
"category": "self",
"summary": "SUSE Bug 1252850",
"url": "https://bugzilla.suse.com/1252850"
},
{
"category": "self",
"summary": "SUSE Bug 1252851",
"url": "https://bugzilla.suse.com/1252851"
},
{
"category": "self",
"summary": "SUSE Bug 1252854",
"url": "https://bugzilla.suse.com/1252854"
},
{
"category": "self",
"summary": "SUSE Bug 1252858",
"url": "https://bugzilla.suse.com/1252858"
},
{
"category": "self",
"summary": "SUSE Bug 1252865",
"url": "https://bugzilla.suse.com/1252865"
},
{
"category": "self",
"summary": "SUSE Bug 1252866",
"url": "https://bugzilla.suse.com/1252866"
},
{
"category": "self",
"summary": "SUSE Bug 1252873",
"url": "https://bugzilla.suse.com/1252873"
},
{
"category": "self",
"summary": "SUSE Bug 1252902",
"url": "https://bugzilla.suse.com/1252902"
},
{
"category": "self",
"summary": "SUSE Bug 1252904",
"url": "https://bugzilla.suse.com/1252904"
},
{
"category": "self",
"summary": "SUSE Bug 1252909",
"url": "https://bugzilla.suse.com/1252909"
},
{
"category": "self",
"summary": "SUSE Bug 1252918",
"url": "https://bugzilla.suse.com/1252918"
},
{
"category": "self",
"summary": "SUSE Bug 1252939",
"url": "https://bugzilla.suse.com/1252939"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53538 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53538/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53539 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53540 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53541 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53543 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53545 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53546 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53548 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53550 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53552 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53553 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53554 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53555 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53556 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53557 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53558 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53559 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53560 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53563 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53563/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53568 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53570 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53570/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53572 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53574 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53574/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53575 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53577 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53577/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53579 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53580 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53581 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53583 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53585 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53585/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53588 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53593 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53593/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53596 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53597 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53599 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53600 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53601 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53602 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53603 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53611 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53613 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53615 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53616 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53617 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53618 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53619 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53621 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53631 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53632 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53633 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53638 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53645 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53646 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53647 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53648 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53649 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53649/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53650 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53654 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53656 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53657 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53658 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53659 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53660 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53662 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53663 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53665 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53666 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53666/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53668 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53672 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53674 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53681 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53687 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53693 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53697 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53698 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53699 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53703 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53704 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53707 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53707/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53708 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53708/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53711 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53711/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53713 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53713/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53718 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53721 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53721/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53722 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53722/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53725 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53725/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53726 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53727 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53727/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53728 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53729 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53730 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53731 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-53733 page",
"url": "https://www.suse.com/security/cve/CVE-2023-53733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38008 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38539 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38552 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38653 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38699 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38700 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38700/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38718 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38718/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39673 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39676 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39683 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39697 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39702 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39702/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39756 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39794 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39797 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39797/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39812 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39813 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39841 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39851 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39866 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39876 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39881 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39895 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39902 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39911 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39931 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39934 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39937 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39938 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39945 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39946 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39947 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39948 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39949 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39952 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39955 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39957 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39965 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39967 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39968 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39969 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39970 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39971 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39972 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39978 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39981 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39982 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39985 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39985/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39986 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39987 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39987/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39988 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39991 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39993 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39994 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39995 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39996 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-39997 page",
"url": "https://www.suse.com/security/cve/CVE-2025-39997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40000 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40005 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40010 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40011 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40013 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40016 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40018 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40019 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40020 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40029 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40032 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40035 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40036 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40043 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40044 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40049 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40051 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40052 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40056 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40058 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40058/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40060 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40061 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40061/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40062 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40071 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40078 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40080 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40082 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40082/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40085 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40087 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40088 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40096 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40096/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-40100 page",
"url": "https://www.suse.com/security/cve/CVE-2025-40100/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-11-18T13:51:55Z",
"generator": {
"date": "2025-11-18T13:51:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:4128-1",
"initial_release_date": "2025-11-18T13:51:55Z",
"revision_history": [
{
"date": "2025-11-18T13:51:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "kernel-azure-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"product_id": "kernel-devel-azure-6.4.0-150600.8.55.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"product_id": "kernel-source-azure-6.4.0-150600.8.55.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "kernel-azure-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.55.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.55.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.55.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.55.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.55.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.55.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-53538",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53538"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: insert tree mod log move in push_node_left\n\nThere is a fairly unlikely race condition in tree mod log rewind that\ncan result in a kernel panic which has the following trace:\n\n [530.569] BTRFS critical (device sda3): unable to find logical 0 length 4096\n [530.585] BTRFS critical (device sda3): unable to find logical 0 length 4096\n [530.602] BUG: kernel NULL pointer dereference, address: 0000000000000002\n [530.618] #PF: supervisor read access in kernel mode\n [530.629] #PF: error_code(0x0000) - not-present page\n [530.641] PGD 0 P4D 0\n [530.647] Oops: 0000 [#1] SMP\n [530.654] CPU: 30 PID: 398973 Comm: below Kdump: loaded Tainted: G S O K 5.12.0-0_fbk13_clang_7455_gb24de3bdb045 #1\n [530.680] Hardware name: Quanta Mono Lake-M.2 SATA 1HY9U9Z001G/Mono Lake-M.2 SATA, BIOS F20_3A15 08/16/2017\n [530.703] RIP: 0010:__btrfs_map_block+0xaa/0xd00\n [530.755] RSP: 0018:ffffc9002c2f7600 EFLAGS: 00010246\n [530.767] RAX: ffffffffffffffea RBX: ffff888292e41000 RCX: f2702d8b8be15100\n [530.784] RDX: ffff88885fda6fb8 RSI: ffff88885fd973c8 RDI: ffff88885fd973c8\n [530.800] RBP: ffff888292e410d0 R08: ffffffff82fd7fd0 R09: 00000000fffeffff\n [530.816] R10: ffffffff82e57fd0 R11: ffffffff82e57d70 R12: 0000000000000000\n [530.832] R13: 0000000000001000 R14: 0000000000001000 R15: ffffc9002c2f76f0\n [530.848] FS: 00007f38d64af000(0000) GS:ffff88885fd80000(0000) knlGS:0000000000000000\n [530.866] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [530.880] CR2: 0000000000000002 CR3: 00000002b6770004 CR4: 00000000003706e0\n [530.896] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [530.912] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n [530.928] Call Trace:\n [530.934] ? btrfs_printk+0x13b/0x18c\n [530.943] ? btrfs_bio_counter_inc_blocked+0x3d/0x130\n [530.955] btrfs_map_bio+0x75/0x330\n [530.963] ? kmem_cache_alloc+0x12a/0x2d0\n [530.973] ? btrfs_submit_metadata_bio+0x63/0x100\n [530.984] btrfs_submit_metadata_bio+0xa4/0x100\n [530.995] submit_extent_page+0x30f/0x360\n [531.004] read_extent_buffer_pages+0x49e/0x6d0\n [531.015] ? submit_extent_page+0x360/0x360\n [531.025] btree_read_extent_buffer_pages+0x5f/0x150\n [531.037] read_tree_block+0x37/0x60\n [531.046] read_block_for_search+0x18b/0x410\n [531.056] btrfs_search_old_slot+0x198/0x2f0\n [531.066] resolve_indirect_ref+0xfe/0x6f0\n [531.076] ? ulist_alloc+0x31/0x60\n [531.084] ? kmem_cache_alloc_trace+0x12e/0x2b0\n [531.095] find_parent_nodes+0x720/0x1830\n [531.105] ? ulist_alloc+0x10/0x60\n [531.113] iterate_extent_inodes+0xea/0x370\n [531.123] ? btrfs_previous_extent_item+0x8f/0x110\n [531.134] ? btrfs_search_path_in_tree+0x240/0x240\n [531.146] iterate_inodes_from_logical+0x98/0xd0\n [531.157] ? btrfs_search_path_in_tree+0x240/0x240\n [531.168] btrfs_ioctl_logical_to_ino+0xd9/0x180\n [531.179] btrfs_ioctl+0xe2/0x2eb0\n\nThis occurs when logical inode resolution takes a tree mod log sequence\nnumber, and then while backref walking hits a rewind on a busy node\nwhich has the following sequence of tree mod log operations (numbers\nfilled in from a specific example, but they are somewhat arbitrary)\n\n REMOVE_WHILE_FREEING slot 532\n REMOVE_WHILE_FREEING slot 531\n REMOVE_WHILE_FREEING slot 530\n ...\n REMOVE_WHILE_FREEING slot 0\n REMOVE slot 455\n REMOVE slot 454\n REMOVE slot 453\n ...\n REMOVE slot 0\n ADD slot 455\n ADD slot 454\n ADD slot 453\n ...\n ADD slot 0\n MOVE src slot 0 -\u003e dst slot 456 nritems 533\n REMOVE slot 455\n REMOVE slot 454\n REMOVE slot 453\n ...\n REMOVE slot 0\n\nWhen this sequence gets applied via btrfs_tree_mod_log_rewind, it\nallocates a fresh rewind eb, and first inserts the correct key info for\nthe 533 elements, then overwrites the first 456 of them, then decrements\nthe count by 456 via the add ops, then rewinds the move by doing a\nmemmove from 456:988-\u003e0:532. We have never written anything past 532,\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53538",
"url": "https://www.suse.com/security/cve/CVE-2023-53538"
},
{
"category": "external",
"summary": "SUSE Bug 1251024 for CVE-2023-53538",
"url": "https://bugzilla.suse.com/1251024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53538"
},
{
"cve": "CVE-2023-53539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix incomplete state save in rxe_requester\n\nIf a send packet is dropped by the IP layer in rxe_requester()\nthe call to rxe_xmit_packet() can fail with err == -EAGAIN.\nTo recover, the state of the wqe is restored to the state before\nthe packet was sent so it can be resent. However, the routines\nthat save and restore the state miss a significnt part of the\nvariable state in the wqe, the dma struct which is used to process\nthrough the sge table. And, the state is not saved before the packet\nis built which modifies the dma struct.\n\nUnder heavy stress testing with many QPs on a fast node sending\nlarge messages to a slow node dropped packets are observed and\nthe resent packets are corrupted because the dma struct was not\nrestored. This patch fixes this behavior and allows the test cases\nto succeed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53539",
"url": "https://www.suse.com/security/cve/CVE-2023-53539"
},
{
"category": "external",
"summary": "SUSE Bug 1251060 for CVE-2023-53539",
"url": "https://bugzilla.suse.com/1251060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53539"
},
{
"cve": "CVE-2023-53540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: reject auth/assoc to AP with our address\n\nIf the AP uses our own address as its MLD address or BSSID, then\nclearly something\u0027s wrong. Reject such connections so we don\u0027t\ntry and fail later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53540",
"url": "https://www.suse.com/security/cve/CVE-2023-53540"
},
{
"category": "external",
"summary": "SUSE Bug 1251053 for CVE-2023-53540",
"url": "https://bugzilla.suse.com/1251053"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53540"
},
{
"cve": "CVE-2023-53541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmtd: rawnand: brcmnand: Fix potential out-of-bounds access in oob write\n\nWhen the oob buffer length is not in multiple of words, the oob write\nfunction does out-of-bounds read on the oob source buffer at the last\niteration. Fix that by always checking length limit on the oob buffer\nread and fill with 0xff when reaching the end of the buffer to the oob\nregisters.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53541",
"url": "https://www.suse.com/security/cve/CVE-2023-53541"
},
{
"category": "external",
"summary": "SUSE Bug 1251043 for CVE-2023-53541",
"url": "https://bugzilla.suse.com/1251043"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53541"
},
{
"cve": "CVE-2023-53543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa: Add max vqp attr to vdpa_nl_policy for nlattr length check\n\nThe vdpa_nl_policy structure is used to validate the nlattr when parsing\nthe incoming nlmsg. It will ensure the attribute being described produces\na valid nlattr pointer in info-\u003eattrs before entering into each handler\nin vdpa_nl_ops.\n\nThat is to say, the missing part in vdpa_nl_policy may lead to illegal\nnlattr after parsing, which could lead to OOB read just like CVE-2023-3773.\n\nThis patch adds the missing nla_policy for vdpa max vqp attr to avoid\nsuch bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53543",
"url": "https://www.suse.com/security/cve/CVE-2023-53543"
},
{
"category": "external",
"summary": "SUSE Bug 1251083 for CVE-2023-53543",
"url": "https://bugzilla.suse.com/1251083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53543"
},
{
"cve": "CVE-2023-53545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: unmap and remove csa_va properly\n\nRoot PD BO should be reserved before unmap and remove\na bo_va from VM otherwise lockdep will complain.\n\nv2: check fpriv-\u003ecsa_va is not NULL instead of amdgpu_mcbp (christian)\n\n[14616.936827] WARNING: CPU: 6 PID: 1711 at drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c:1762 amdgpu_vm_bo_del+0x399/0x3f0 [amdgpu]\n[14616.937096] Call Trace:\n[14616.937097] \u003cTASK\u003e\n[14616.937102] amdgpu_driver_postclose_kms+0x249/0x2f0 [amdgpu]\n[14616.937187] drm_file_free+0x1d6/0x300 [drm]\n[14616.937207] drm_close_helper.isra.0+0x62/0x70 [drm]\n[14616.937220] drm_release+0x5e/0x100 [drm]\n[14616.937234] __fput+0x9f/0x280\n[14616.937239] ____fput+0xe/0x20\n[14616.937241] task_work_run+0x61/0x90\n[14616.937246] exit_to_user_mode_prepare+0x215/0x220\n[14616.937251] syscall_exit_to_user_mode+0x2a/0x60\n[14616.937254] do_syscall_64+0x48/0x90\n[14616.937257] entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53545",
"url": "https://www.suse.com/security/cve/CVE-2023-53545"
},
{
"category": "external",
"summary": "SUSE Bug 1251084 for CVE-2023-53545",
"url": "https://bugzilla.suse.com/1251084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53545"
},
{
"cve": "CVE-2023-53546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx\n\nwhen mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the memory\npointed by \u0027in\u0027 is not released, which will cause memory leak. Move memory\nrelease after mlx5_cmd_exec.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53546",
"url": "https://www.suse.com/security/cve/CVE-2023-53546"
},
{
"category": "external",
"summary": "SUSE Bug 1251079 for CVE-2023-53546",
"url": "https://bugzilla.suse.com/1251079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53546"
},
{
"cve": "CVE-2023-53548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb\n\nThe syzbot fuzzer identified a problem in the usbnet driver:\n\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 754 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\nModules linked in:\nCPU: 0 PID: 754 Comm: kworker/0:2 Not tainted 6.4.0-rc7-syzkaller-00014-g692b7dc87ca6 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/27/2023\nWorkqueue: mld mld_ifc_work\nRIP: 0010:usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\nCode: 7c 24 18 e8 2c b4 5b fb 48 8b 7c 24 18 e8 42 07 f0 fe 41 89 d8 44 89 e1 4c 89 ea 48 89 c6 48 c7 c7 a0 c9 fc 8a e8 5a 6f 23 fb \u003c0f\u003e 0b e9 58 f8 ff ff e8 fe b3 5b fb 48 81 c5 c0 05 00 00 e9 84 f7\nRSP: 0018:ffffc9000463f568 EFLAGS: 00010086\nRAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000000\nRDX: ffff88801eb28000 RSI: ffffffff814c03b7 RDI: 0000000000000001\nRBP: ffff8881443b7190 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000003\nR13: ffff88802a77cb18 R14: 0000000000000003 R15: ffff888018262500\nFS: 0000000000000000(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000556a99c15a18 CR3: 0000000028c71000 CR4: 0000000000350ef0\nCall Trace:\n \u003cTASK\u003e\n usbnet_start_xmit+0xfe5/0x2190 drivers/net/usb/usbnet.c:1453\n __netdev_start_xmit include/linux/netdevice.h:4918 [inline]\n netdev_start_xmit include/linux/netdevice.h:4932 [inline]\n xmit_one net/core/dev.c:3578 [inline]\n dev_hard_start_xmit+0x187/0x700 net/core/dev.c:3594\n...\n\nThis bug is caused by the fact that usbnet trusts the bulk endpoint\naddresses its probe routine receives in the driver_info structure, and\nit does not check to see that these endpoints actually exist and have\nthe expected type and directions.\n\nThe fix is simply to add such a check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53548",
"url": "https://www.suse.com/security/cve/CVE-2023-53548"
},
{
"category": "external",
"summary": "SUSE Bug 1251066 for CVE-2023-53548",
"url": "https://bugzilla.suse.com/1251066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53548"
},
{
"cve": "CVE-2023-53550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: amd-pstate: fix global sysfs attribute type\n\nIn commit 3666062b87ec (\"cpufreq: amd-pstate: move to use bus_get_dev_root()\")\nthe \"amd_pstate\" attributes where moved from a dedicated kobject to the\ncpu root kobject.\n\nWhile the dedicated kobject expects to contain kobj_attributes the root\nkobject needs device_attributes.\n\nAs the changed arguments are not used by the callbacks it works most of\nthe time.\nHowever CFI will detect this issue:\n\n[ 4947.849350] CFI failure at dev_attr_show+0x24/0x60 (target: show_status+0x0/0x70; expected type: 0x8651b1de)\n...\n[ 4947.849409] Call Trace:\n[ 4947.849410] \u003cTASK\u003e\n[ 4947.849411] ? __warn+0xcf/0x1c0\n[ 4947.849414] ? dev_attr_show+0x24/0x60\n[ 4947.849415] ? report_cfi_failure+0x4e/0x60\n[ 4947.849417] ? handle_cfi_failure+0x14c/0x1d0\n[ 4947.849419] ? __cfi_show_status+0x10/0x10\n[ 4947.849420] ? handle_bug+0x4f/0x90\n[ 4947.849421] ? exc_invalid_op+0x1a/0x60\n[ 4947.849422] ? asm_exc_invalid_op+0x1a/0x20\n[ 4947.849424] ? __cfi_show_status+0x10/0x10\n[ 4947.849425] ? dev_attr_show+0x24/0x60\n[ 4947.849426] sysfs_kf_seq_show+0xa6/0x110\n[ 4947.849433] seq_read_iter+0x16c/0x4b0\n[ 4947.849436] vfs_read+0x272/0x2d0\n[ 4947.849438] ksys_read+0x72/0xe0\n[ 4947.849439] do_syscall_64+0x76/0xb0\n[ 4947.849440] ? do_user_addr_fault+0x252/0x650\n[ 4947.849442] ? exc_page_fault+0x7a/0x1b0\n[ 4947.849443] entry_SYSCALL_64_after_hwframe+0x72/0xdc",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53550",
"url": "https://www.suse.com/security/cve/CVE-2023-53550"
},
{
"category": "external",
"summary": "SUSE Bug 1251071 for CVE-2023-53550",
"url": "https://bugzilla.suse.com/1251071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53550"
},
{
"cve": "CVE-2023-53552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53552"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915: mark requests for GuC virtual engines to avoid use-after-free\n\nReferences to i915_requests may be trapped by userspace inside a\nsync_file or dmabuf (dma-resv) and held indefinitely across different\nproceses. To counter-act the memory leaks, we try to not to keep\nreferences from the request past their completion.\nOn the other side on fence release we need to know if rq-\u003eengine\nis valid and points to hw engine (true for non-virtual requests).\nTo make it possible extra bit has been added to rq-\u003eexecution_mask,\nfor marking virtual engines.\n\n(cherry picked from commit 280410677af763f3871b93e794a199cfcf6fb580)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53552",
"url": "https://www.suse.com/security/cve/CVE-2023-53552"
},
{
"category": "external",
"summary": "SUSE Bug 1251065 for CVE-2023-53552",
"url": "https://bugzilla.suse.com/1251065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53552"
},
{
"cve": "CVE-2023-53553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: hyperv: avoid struct memcpy overrun warning\n\nA previous patch addressed the fortified memcpy warning for most\nbuilds, but I still see this one with gcc-9:\n\nIn file included from include/linux/string.h:254,\n from drivers/hid/hid-hyperv.c:8:\nIn function \u0027fortify_memcpy_chk\u0027,\n inlined from \u0027mousevsc_on_receive\u0027 at drivers/hid/hid-hyperv.c:272:3:\ninclude/linux/fortify-string.h:583:4: error: call to \u0027__write_overflow_field\u0027 declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]\n 583 | __write_overflow_field(p_size_field, size);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nMy guess is that the WARN_ON() itself is what confuses gcc, so it no\nlonger sees that there is a correct range check. Rework the code in a\nway that helps readability and avoids the warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53553",
"url": "https://www.suse.com/security/cve/CVE-2023-53553"
},
{
"category": "external",
"summary": "SUSE Bug 1251068 for CVE-2023-53553",
"url": "https://bugzilla.suse.com/1251068"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53553"
},
{
"cve": "CVE-2023-53554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53554"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext()\n\nThe \"exc-\u003ekey_len\" is a u16 that comes from the user. If it\u0027s over\nIW_ENCODING_TOKEN_MAX (64) that could lead to memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53554",
"url": "https://www.suse.com/security/cve/CVE-2023-53554"
},
{
"category": "external",
"summary": "SUSE Bug 1251057 for CVE-2023-53554",
"url": "https://bugzilla.suse.com/1251057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53554"
},
{
"cve": "CVE-2023-53555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/damon/core: initialize damo_filter-\u003elist from damos_new_filter()\n\ndamos_new_filter() is not initializing the list field of newly allocated\nfilter object. However, DAMON sysfs interface and DAMON_RECLAIM are not\ninitializing it after calling damos_new_filter(). As a result, accessing\nuninitialized memory is possible. Actually, adding multiple DAMOS filters\nvia DAMON sysfs interface caused NULL pointer dereferencing. Initialize\nthe field just after the allocation from damos_new_filter().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53555",
"url": "https://www.suse.com/security/cve/CVE-2023-53555"
},
{
"category": "external",
"summary": "SUSE Bug 1251056 for CVE-2023-53555",
"url": "https://bugzilla.suse.com/1251056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53555"
},
{
"cve": "CVE-2023-53556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix use-after-free in free_netdev\n\nWe do netif_napi_add() for all allocated q_vectors[], but potentially\ndo netif_napi_del() for part of them, then kfree q_vectors and leave\ninvalid pointers at dev-\u003enapi_list.\n\nReproducer:\n\n [root@host ~]# cat repro.sh\n #!/bin/bash\n\n pf_dbsf=\"0000:41:00.0\"\n vf0_dbsf=\"0000:41:02.0\"\n g_pids=()\n\n function do_set_numvf()\n {\n echo 2 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n echo 0 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n }\n\n function do_set_channel()\n {\n local nic=$(ls -1 --indicator-style=none /sys/bus/pci/devices/${vf0_dbsf}/net/)\n [ -z \"$nic\" ] \u0026\u0026 { sleep $((RANDOM%3)) ; return 1; }\n ifconfig $nic 192.168.18.5 netmask 255.255.255.0\n ifconfig $nic up\n ethtool -L $nic combined 1\n ethtool -L $nic combined 4\n sleep $((RANDOM%3))\n }\n\n function on_exit()\n {\n local pid\n for pid in \"${g_pids[@]}\"; do\n kill -0 \"$pid\" \u0026\u003e/dev/null \u0026\u0026 kill \"$pid\" \u0026\u003e/dev/null\n done\n g_pids=()\n }\n\n trap \"on_exit; exit\" EXIT\n\n while :; do do_set_numvf ; done \u0026\n g_pids+=($!)\n while :; do do_set_channel ; done \u0026\n g_pids+=($!)\n\n wait\n\nResult:\n\n[ 4093.900222] ==================================================================\n[ 4093.900230] BUG: KASAN: use-after-free in free_netdev+0x308/0x390\n[ 4093.900232] Read of size 8 at addr ffff88b4dc145640 by task repro.sh/6699\n[ 4093.900233]\n[ 4093.900236] CPU: 10 PID: 6699 Comm: repro.sh Kdump: loaded Tainted: G O --------- -t - 4.18.0 #1\n[ 4093.900238] Hardware name: Powerleader PR2008AL/H12DSi-N6, BIOS 2.0 04/09/2021\n[ 4093.900239] Call Trace:\n[ 4093.900244] dump_stack+0x71/0xab\n[ 4093.900249] print_address_description+0x6b/0x290\n[ 4093.900251] ? free_netdev+0x308/0x390\n[ 4093.900252] kasan_report+0x14a/0x2b0\n[ 4093.900254] free_netdev+0x308/0x390\n[ 4093.900261] iavf_remove+0x825/0xd20 [iavf]\n[ 4093.900265] pci_device_remove+0xa8/0x1f0\n[ 4093.900268] device_release_driver_internal+0x1c6/0x460\n[ 4093.900271] pci_stop_bus_device+0x101/0x150\n[ 4093.900273] pci_stop_and_remove_bus_device+0xe/0x20\n[ 4093.900275] pci_iov_remove_virtfn+0x187/0x420\n[ 4093.900277] ? pci_iov_add_virtfn+0xe10/0xe10\n[ 4093.900278] ? pci_get_subsys+0x90/0x90\n[ 4093.900280] sriov_disable+0xed/0x3e0\n[ 4093.900282] ? bus_find_device+0x12d/0x1a0\n[ 4093.900290] i40e_free_vfs+0x754/0x1210 [i40e]\n[ 4093.900298] ? i40e_reset_all_vfs+0x880/0x880 [i40e]\n[ 4093.900299] ? pci_get_device+0x7c/0x90\n[ 4093.900300] ? pci_get_subsys+0x90/0x90\n[ 4093.900306] ? pci_vfs_assigned.part.7+0x144/0x210\n[ 4093.900309] ? __mutex_lock_slowpath+0x10/0x10\n[ 4093.900315] i40e_pci_sriov_configure+0x1fa/0x2e0 [i40e]\n[ 4093.900318] sriov_numvfs_store+0x214/0x290\n[ 4093.900320] ? sriov_totalvfs_show+0x30/0x30\n[ 4093.900321] ? __mutex_lock_slowpath+0x10/0x10\n[ 4093.900323] ? __check_object_size+0x15a/0x350\n[ 4093.900326] kernfs_fop_write+0x280/0x3f0\n[ 4093.900329] vfs_write+0x145/0x440\n[ 4093.900330] ksys_write+0xab/0x160\n[ 4093.900332] ? __ia32_sys_read+0xb0/0xb0\n[ 4093.900334] ? fput_many+0x1a/0x120\n[ 4093.900335] ? filp_close+0xf0/0x130\n[ 4093.900338] do_syscall_64+0xa0/0x370\n[ 4093.900339] ? page_fault+0x8/0x30\n[ 4093.900341] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 4093.900357] RIP: 0033:0x7f16ad4d22c0\n[ 4093.900359] Code: 73 01 c3 48 8b 0d d8 cb 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 24 2d 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 fe dd 01 00 48 89 04 24\n[ 4093.900360] RSP: 002b:00007ffd6491b7f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 4093.900362] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f16ad4d22c0\n[ 4093.900363] RDX: 0000000000000002 RSI: 0000000001a41408 RDI: 0000000000000001\n[ 4093.900364] RBP: 0000000001a41408 R08: 00007f16ad7a1780 R09: 00007f16ae1f2700\n[ 4093.9003\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53556",
"url": "https://www.suse.com/security/cve/CVE-2023-53556"
},
{
"category": "external",
"summary": "SUSE Bug 1251059 for CVE-2023-53556",
"url": "https://bugzilla.suse.com/1251059"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53556"
},
{
"cve": "CVE-2023-53557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53557"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfprobe: Release rethook after the ftrace_ops is unregistered\n\nWhile running bpf selftests it\u0027s possible to get following fault:\n\n general protection fault, probably for non-canonical address \\\n 0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP DEBUG_PAGEALLOC NOPTI\n ...\n Call Trace:\n \u003cTASK\u003e\n fprobe_handler+0xc1/0x270\n ? __pfx_bpf_testmod_init+0x10/0x10\n ? __pfx_bpf_testmod_init+0x10/0x10\n ? bpf_fentry_test1+0x5/0x10\n ? bpf_fentry_test1+0x5/0x10\n ? bpf_testmod_init+0x22/0x80\n ? do_one_initcall+0x63/0x2e0\n ? rcu_is_watching+0xd/0x40\n ? kmalloc_trace+0xaf/0xc0\n ? do_init_module+0x60/0x250\n ? __do_sys_finit_module+0xac/0x120\n ? do_syscall_64+0x37/0x90\n ? entry_SYSCALL_64_after_hwframe+0x72/0xdc\n \u003c/TASK\u003e\n\nIn unregister_fprobe function we can\u0027t release fp-\u003erethook while it\u0027s\npossible there are some of its users still running on another cpu.\n\nMoving rethook_free call after fp-\u003eops is unregistered with\nunregister_ftrace_function call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53557",
"url": "https://www.suse.com/security/cve/CVE-2023-53557"
},
{
"category": "external",
"summary": "SUSE Bug 1251054 for CVE-2023-53557",
"url": "https://bugzilla.suse.com/1251054"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53557"
},
{
"cve": "CVE-2023-53558",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53558"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()\n\npr_info() is called with rtp-\u003ecbs_gbl_lock spin lock locked. Because\npr_info() calls printk() that might sleep, this will result in BUG\nlike below:\n\n[ 0.206455] cblist_init_generic: Setting adjustable number of callback queues.\n[ 0.206463]\n[ 0.206464] =============================\n[ 0.206464] [ BUG: Invalid wait context ]\n[ 0.206465] 5.19.0-00428-g9de1f9c8ca51 #5 Not tainted\n[ 0.206466] -----------------------------\n[ 0.206466] swapper/0/1 is trying to lock:\n[ 0.206467] ffffffffa0167a58 (\u0026port_lock_key){....}-{3:3}, at: serial8250_console_write+0x327/0x4a0\n[ 0.206473] other info that might help us debug this:\n[ 0.206473] context-{5:5}\n[ 0.206474] 3 locks held by swapper/0/1:\n[ 0.206474] #0: ffffffff9eb597e0 (rcu_tasks.cbs_gbl_lock){....}-{2:2}, at: cblist_init_generic.constprop.0+0x14/0x1f0\n[ 0.206478] #1: ffffffff9eb579c0 (console_lock){+.+.}-{0:0}, at: _printk+0x63/0x7e\n[ 0.206482] #2: ffffffff9ea77780 (console_owner){....}-{0:0}, at: console_emit_next_record.constprop.0+0x111/0x330\n[ 0.206485] stack backtrace:\n[ 0.206486] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-00428-g9de1f9c8ca51 #5\n[ 0.206488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014\n[ 0.206489] Call Trace:\n[ 0.206490] \u003cTASK\u003e\n[ 0.206491] dump_stack_lvl+0x6a/0x9f\n[ 0.206493] __lock_acquire.cold+0x2d7/0x2fe\n[ 0.206496] ? stack_trace_save+0x46/0x70\n[ 0.206497] lock_acquire+0xd1/0x2f0\n[ 0.206499] ? serial8250_console_write+0x327/0x4a0\n[ 0.206500] ? __lock_acquire+0x5c7/0x2720\n[ 0.206502] _raw_spin_lock_irqsave+0x3d/0x90\n[ 0.206504] ? serial8250_console_write+0x327/0x4a0\n[ 0.206506] serial8250_console_write+0x327/0x4a0\n[ 0.206508] console_emit_next_record.constprop.0+0x180/0x330\n[ 0.206511] console_unlock+0xf7/0x1f0\n[ 0.206512] vprintk_emit+0xf7/0x330\n[ 0.206514] _printk+0x63/0x7e\n[ 0.206516] cblist_init_generic.constprop.0.cold+0x24/0x32\n[ 0.206518] rcu_init_tasks_generic+0x5/0xd9\n[ 0.206522] kernel_init_freeable+0x15b/0x2a2\n[ 0.206523] ? rest_init+0x160/0x160\n[ 0.206526] kernel_init+0x11/0x120\n[ 0.206527] ret_from_fork+0x1f/0x30\n[ 0.206530] \u003c/TASK\u003e\n[ 0.207018] cblist_init_generic: Setting shift to 1 and lim to 1.\n\nThis patch moves pr_info() so that it is called without\nrtp-\u003ecbs_gbl_lock locked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53558",
"url": "https://www.suse.com/security/cve/CVE-2023-53558"
},
{
"category": "external",
"summary": "SUSE Bug 1251081 for CVE-2023-53558",
"url": "https://bugzilla.suse.com/1251081"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53558"
},
{
"cve": "CVE-2023-53559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip_vti: fix potential slab-use-after-free in decode_session6\n\nWhen ip_vti device is set to the qdisc of the sfb type, the cb field\nof the sent skb may be modified during enqueuing. Then,\nslab-use-after-free may occur when ip_vti device sends IPv6 packets.\nAs commit f855691975bb (\"xfrm6: Fix the nexthdr offset in\n_decode_session6.\") showed, xfrm_decode_session was originally intended\nonly for the receive path. IP6CB(skb)-\u003enhoff is not set during\ntransmission. Therefore, set the cb field in the skb to 0 before\nsending packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53559",
"url": "https://www.suse.com/security/cve/CVE-2023-53559"
},
{
"category": "external",
"summary": "SUSE Bug 1251052 for CVE-2023-53559",
"url": "https://bugzilla.suse.com/1251052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53559"
},
{
"cve": "CVE-2023-53560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/histograms: Add histograms to hist_vars if they have referenced variables\n\nHist triggers can have referenced variables without having direct\nvariables fields. This can be the case if referenced variables are added\nfor trigger actions. In this case the newly added references will not\nhave field variables. Not taking such referenced variables into\nconsideration can result in a bug where it would be possible to remove\nhist trigger with variables being refenced. This will result in a bug\nthat is easily reproducable like so\n\n$ cd /sys/kernel/tracing\n$ echo \u0027synthetic_sys_enter char[] comm; long id\u0027 \u003e\u003e synthetic_events\n$ echo \u0027hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname\u0027 \u003e\u003e events/raw_syscalls/sys_enter/trigger\n$ echo \u0027hist:keys=common_pid.execname,id.syscall:onmatch(raw_syscalls.sys_enter).synthetic_sys_enter($comm, id)\u0027 \u003e\u003e events/raw_syscalls/sys_enter/trigger\n$ echo \u0027!hist:keys=common_pid.execname,id.syscall:vals=hitcount:comm=common_pid.execname\u0027 \u003e\u003e events/raw_syscalls/sys_enter/trigger\n\n[ 100.263533] ==================================================================\n[ 100.264634] BUG: KASAN: slab-use-after-free in resolve_var_refs+0xc7/0x180\n[ 100.265520] Read of size 8 at addr ffff88810375d0f0 by task bash/439\n[ 100.266320]\n[ 100.266533] CPU: 2 PID: 439 Comm: bash Not tainted 6.5.0-rc1 #4\n[ 100.267277] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-20220807_005459-localhost 04/01/2014\n[ 100.268561] Call Trace:\n[ 100.268902] \u003cTASK\u003e\n[ 100.269189] dump_stack_lvl+0x4c/0x70\n[ 100.269680] print_report+0xc5/0x600\n[ 100.270165] ? resolve_var_refs+0xc7/0x180\n[ 100.270697] ? kasan_complete_mode_report_info+0x80/0x1f0\n[ 100.271389] ? resolve_var_refs+0xc7/0x180\n[ 100.271913] kasan_report+0xbd/0x100\n[ 100.272380] ? resolve_var_refs+0xc7/0x180\n[ 100.272920] __asan_load8+0x71/0xa0\n[ 100.273377] resolve_var_refs+0xc7/0x180\n[ 100.273888] event_hist_trigger+0x749/0x860\n[ 100.274505] ? kasan_save_stack+0x2a/0x50\n[ 100.275024] ? kasan_set_track+0x29/0x40\n[ 100.275536] ? __pfx_event_hist_trigger+0x10/0x10\n[ 100.276138] ? ksys_write+0xd1/0x170\n[ 100.276607] ? do_syscall_64+0x3c/0x90\n[ 100.277099] ? entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 100.277771] ? destroy_hist_data+0x446/0x470\n[ 100.278324] ? event_hist_trigger_parse+0xa6c/0x3860\n[ 100.278962] ? __pfx_event_hist_trigger_parse+0x10/0x10\n[ 100.279627] ? __kasan_check_write+0x18/0x20\n[ 100.280177] ? mutex_unlock+0x85/0xd0\n[ 100.280660] ? __pfx_mutex_unlock+0x10/0x10\n[ 100.281200] ? kfree+0x7b/0x120\n[ 100.281619] ? ____kasan_slab_free+0x15d/0x1d0\n[ 100.282197] ? event_trigger_write+0xac/0x100\n[ 100.282764] ? __kasan_slab_free+0x16/0x20\n[ 100.283293] ? __kmem_cache_free+0x153/0x2f0\n[ 100.283844] ? sched_mm_cid_remote_clear+0xb1/0x250\n[ 100.284550] ? __pfx_sched_mm_cid_remote_clear+0x10/0x10\n[ 100.285221] ? event_trigger_write+0xbc/0x100\n[ 100.285781] ? __kasan_check_read+0x15/0x20\n[ 100.286321] ? __bitmap_weight+0x66/0xa0\n[ 100.286833] ? _find_next_bit+0x46/0xe0\n[ 100.287334] ? task_mm_cid_work+0x37f/0x450\n[ 100.287872] event_triggers_call+0x84/0x150\n[ 100.288408] trace_event_buffer_commit+0x339/0x430\n[ 100.289073] ? ring_buffer_event_data+0x3f/0x60\n[ 100.292189] trace_event_raw_event_sys_enter+0x8b/0xe0\n[ 100.295434] syscall_trace_enter.constprop.0+0x18f/0x1b0\n[ 100.298653] syscall_enter_from_user_mode+0x32/0x40\n[ 100.301808] do_syscall_64+0x1a/0x90\n[ 100.304748] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 100.307775] RIP: 0033:0x7f686c75c1cb\n[ 100.310617] Code: 73 01 c3 48 8b 0d 65 3c 10 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 21 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d 35 3c 10 00 f7 d8 64 89 01 48\n[ 100.317847] RSP: 002b:00007ffc60137a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000021\n[ 100.321200] RA\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53560",
"url": "https://www.suse.com/security/cve/CVE-2023-53560"
},
{
"category": "external",
"summary": "SUSE Bug 1251045 for CVE-2023-53560",
"url": "https://bugzilla.suse.com/1251045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53560"
},
{
"cve": "CVE-2023-53563",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53563"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: amd-pstate-ut: Fix kernel panic when loading the driver\n\nAfter loading the amd-pstate-ut driver, amd_pstate_ut_check_perf()\nand amd_pstate_ut_check_freq() use cpufreq_cpu_get() to get the policy\nof the CPU and mark it as busy.\n\nIn these functions, cpufreq_cpu_put() should be used to release the\npolicy, but it is not, so any other entity trying to access the policy\nis blocked indefinitely.\n\nOne such scenario is when amd_pstate mode is changed, leading to the\nfollowing splat:\n\n[ 1332.103727] INFO: task bash:2929 blocked for more than 120 seconds.\n[ 1332.110001] Not tainted 6.5.0-rc2-amd-pstate-ut #5\n[ 1332.115315] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 1332.123140] task:bash state:D stack:0 pid:2929 ppid:2873 flags:0x00004006\n[ 1332.123143] Call Trace:\n[ 1332.123145] \u003cTASK\u003e\n[ 1332.123148] __schedule+0x3c1/0x16a0\n[ 1332.123154] ? _raw_read_lock_irqsave+0x2d/0x70\n[ 1332.123157] schedule+0x6f/0x110\n[ 1332.123160] schedule_timeout+0x14f/0x160\n[ 1332.123162] ? preempt_count_add+0x86/0xd0\n[ 1332.123165] __wait_for_common+0x92/0x190\n[ 1332.123168] ? __pfx_schedule_timeout+0x10/0x10\n[ 1332.123170] wait_for_completion+0x28/0x30\n[ 1332.123173] cpufreq_policy_put_kobj+0x4d/0x90\n[ 1332.123177] cpufreq_policy_free+0x157/0x1d0\n[ 1332.123178] ? preempt_count_add+0x58/0xd0\n[ 1332.123180] cpufreq_remove_dev+0xb6/0x100\n[ 1332.123182] subsys_interface_unregister+0x114/0x120\n[ 1332.123185] ? preempt_count_add+0x58/0xd0\n[ 1332.123187] ? __pfx_amd_pstate_change_driver_mode+0x10/0x10\n[ 1332.123190] cpufreq_unregister_driver+0x3b/0xd0\n[ 1332.123192] amd_pstate_change_driver_mode+0x1e/0x50\n[ 1332.123194] store_status+0xe9/0x180\n[ 1332.123197] dev_attr_store+0x1b/0x30\n[ 1332.123199] sysfs_kf_write+0x42/0x50\n[ 1332.123202] kernfs_fop_write_iter+0x143/0x1d0\n[ 1332.123204] vfs_write+0x2df/0x400\n[ 1332.123208] ksys_write+0x6b/0xf0\n[ 1332.123210] __x64_sys_write+0x1d/0x30\n[ 1332.123213] do_syscall_64+0x60/0x90\n[ 1332.123216] ? fpregs_assert_state_consistent+0x2e/0x50\n[ 1332.123219] ? exit_to_user_mode_prepare+0x49/0x1a0\n[ 1332.123223] ? irqentry_exit_to_user_mode+0xd/0x20\n[ 1332.123225] ? irqentry_exit+0x3f/0x50\n[ 1332.123226] ? exc_page_fault+0x8e/0x190\n[ 1332.123228] entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 1332.123232] RIP: 0033:0x7fa74c514a37\n[ 1332.123234] RSP: 002b:00007ffe31dd0788 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 1332.123238] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fa74c514a37\n[ 1332.123239] RDX: 0000000000000008 RSI: 000055e27c447aa0 RDI: 0000000000000001\n[ 1332.123241] RBP: 000055e27c447aa0 R08: 00007fa74c5d1460 R09: 000000007fffffff\n[ 1332.123242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008\n[ 1332.123244] R13: 00007fa74c61a780 R14: 00007fa74c616600 R15: 00007fa74c615a00\n[ 1332.123247] \u003c/TASK\u003e\n\nFix this by calling cpufreq_cpu_put() wherever necessary.\n\n[ rjw: Subject and changelog edits ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53563",
"url": "https://www.suse.com/security/cve/CVE-2023-53563"
},
{
"category": "external",
"summary": "SUSE Bug 1251038 for CVE-2023-53563",
"url": "https://bugzilla.suse.com/1251038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53563"
},
{
"cve": "CVE-2023-53568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: don\u0027t leak memory if dev_set_name() fails\n\nWhen dev_set_name() fails, zcdn_create() doesn\u0027t free the newly\nallocated resources. Do it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53568",
"url": "https://www.suse.com/security/cve/CVE-2023-53568"
},
{
"category": "external",
"summary": "SUSE Bug 1251035 for CVE-2023-53568",
"url": "https://bugzilla.suse.com/1251035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53568"
},
{
"cve": "CVE-2023-53570",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53570"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems()\n\nnl80211_parse_mbssid_elems() uses a u8 variable num_elems to count the\nnumber of MBSSID elements in the nested netlink attribute attrs, which can\nlead to an integer overflow if a user of the nl80211 interface specifies\n256 or more elements in the corresponding attribute in userspace. The\ninteger overflow can lead to a heap buffer overflow as num_elems determines\nthe size of the trailing array in elems, and this array is thereafter\nwritten to for each element in attrs.\n\nNote that this vulnerability only affects devices with the\nwiphy-\u003embssid_max_interfaces member set for the wireless physical device\nstruct in the device driver, and can only be triggered by a process with\nCAP_NET_ADMIN capabilities.\n\nFix this by checking for a maximum of 255 elements in attrs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53570",
"url": "https://www.suse.com/security/cve/CVE-2023-53570"
},
{
"category": "external",
"summary": "SUSE Bug 1251031 for CVE-2023-53570",
"url": "https://bugzilla.suse.com/1251031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53570"
},
{
"cve": "CVE-2023-53572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: scu: use _safe list iterator to avoid a use after free\n\nThis loop is freeing \"clk\" so it needs to use list_for_each_entry_safe().\nOtherwise it dereferences a freed variable to get the next item on the\nloop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53572",
"url": "https://www.suse.com/security/cve/CVE-2023-53572"
},
{
"category": "external",
"summary": "SUSE Bug 1251027 for CVE-2023-53572",
"url": "https://bugzilla.suse.com/1251027"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53572"
},
{
"cve": "CVE-2023-53574",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53574"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw88: delete timer and free skb queue when unloading\n\nFix possible crash and memory leak on driver unload by deleting\nTX purge timer and freeing C2H queue in \u0027rtw_core_deinit()\u0027,\nshrink critical section in the latter by freeing COEX queue\nout of TX report lock scope.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53574",
"url": "https://www.suse.com/security/cve/CVE-2023-53574"
},
{
"category": "external",
"summary": "SUSE Bug 1251222 for CVE-2023-53574",
"url": "https://bugzilla.suse.com/1251222"
},
{
"category": "external",
"summary": "SUSE Bug 1251984 for CVE-2023-53574",
"url": "https://bugzilla.suse.com/1251984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2023-53574"
},
{
"cve": "CVE-2023-53575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53575"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: fix potential array out of bounds access\n\nAccount for IWL_SEC_WEP_KEY_OFFSET when needed while verifying\nkey_len size in iwl_mvm_sec_key_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53575",
"url": "https://www.suse.com/security/cve/CVE-2023-53575"
},
{
"category": "external",
"summary": "SUSE Bug 1251067 for CVE-2023-53575",
"url": "https://bugzilla.suse.com/1251067"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53575"
},
{
"cve": "CVE-2023-53577",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53577"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, cpumap: Make sure kthread is running before map update returns\n\nThe following warning was reported when running stress-mode enabled\nxdp_redirect_cpu with some RT threads:\n\n ------------[ cut here ]------------\n WARNING: CPU: 4 PID: 65 at kernel/bpf/cpumap.c:135\n CPU: 4 PID: 65 Comm: kworker/4:1 Not tainted 6.5.0-rc2+ #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n Workqueue: events cpu_map_kthread_stop\n RIP: 0010:put_cpu_map_entry+0xda/0x220\n ......\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x65/0x70\n ? __warn+0xa5/0x240\n ......\n ? put_cpu_map_entry+0xda/0x220\n cpu_map_kthread_stop+0x41/0x60\n process_one_work+0x6b0/0xb80\n worker_thread+0x96/0x720\n kthread+0x1a5/0x1f0\n ret_from_fork+0x3a/0x70\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nThe root cause is the same as commit 436901649731 (\"bpf: cpumap: Fix memory\nleak in cpu_map_update_elem\"). The kthread is stopped prematurely by\nkthread_stop() in cpu_map_kthread_stop(), and kthread() doesn\u0027t call\ncpu_map_kthread_run() at all but XDP program has already queued some\nframes or skbs into ptr_ring. So when __cpu_map_ring_cleanup() checks\nthe ptr_ring, it will find it was not emptied and report a warning.\n\nAn alternative fix is to use __cpu_map_ring_cleanup() to drop these\npending frames or skbs when kthread_stop() returns -EINTR, but it may\nconfuse the user, because these frames or skbs have been handled\ncorrectly by XDP program. So instead of dropping these frames or skbs,\njust make sure the per-cpu kthread is running before\n__cpu_map_entry_alloc() returns.\n\nAfter apply the fix, the error handle for kthread_stop() will be\nunnecessary because it will always return 0, so just remove it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53577",
"url": "https://www.suse.com/security/cve/CVE-2023-53577"
},
{
"category": "external",
"summary": "SUSE Bug 1251028 for CVE-2023-53577",
"url": "https://bugzilla.suse.com/1251028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53577"
},
{
"cve": "CVE-2023-53579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpio: mvebu: fix irq domain leak\n\nUwe Kleine-Knig pointed out we still have one resource leak in the mvebu\ndriver triggered on driver detach. Let\u0027s address it with a custom devm\naction.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53579",
"url": "https://www.suse.com/security/cve/CVE-2023-53579"
},
{
"category": "external",
"summary": "SUSE Bug 1251170 for CVE-2023-53579",
"url": "https://bugzilla.suse.com/1251170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53579"
},
{
"cve": "CVE-2023-53580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: Gadget: core: Help prevent panic during UVC unconfigure\n\nAvichal Rakesh reported a kernel panic that occurred when the UVC\ngadget driver was removed from a gadget\u0027s configuration. The panic\ninvolves a somewhat complicated interaction between the kernel driver\nand a userspace component (as described in the Link tag below), but\nthe analysis did make one thing clear: The Gadget core should\naccomodate gadget drivers calling usb_gadget_deactivate() as part of\ntheir unbind procedure.\n\nCurrently this doesn\u0027t work. gadget_unbind_driver() calls\ndriver-\u003eunbind() while holding the udc-\u003econnect_lock mutex, and\nusb_gadget_deactivate() attempts to acquire that mutex, which will\nresult in a deadlock.\n\nThe simple fix is for gadget_unbind_driver() to release the mutex when\ninvoking the -\u003eunbind() callback. There is no particular reason for\nit to be holding the mutex at that time, and the mutex isn\u0027t held\nwhile the -\u003ebind() callback is invoked. So we\u0027ll drop the mutex\nbefore performing the unbind callback and reacquire it afterward.\n\nWe\u0027ll also add a couple of comments to usb_gadget_activate() and\nusb_gadget_deactivate(). Because they run in process context they\nmust not be called from a gadget driver\u0027s -\u003edisconnect() callback,\nwhich (according to the kerneldoc for struct usb_gadget_driver in\ninclude/linux/usb/gadget.h) may run in interrupt context. This may\nhelp prevent similar bugs from arising in the future.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53580",
"url": "https://www.suse.com/security/cve/CVE-2023-53580"
},
{
"category": "external",
"summary": "SUSE Bug 1251105 for CVE-2023-53580",
"url": "https://bugzilla.suse.com/1251105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53580"
},
{
"cve": "CVE-2023-53581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Check for NOT_READY flag state after locking\n\nCurrently the check for NOT_READY flag is performed before obtaining the\nnecessary lock. This opens a possibility for race condition when the flow\nis concurrently removed from unready_flows list by the workqueue task,\nwhich causes a double-removal from the list and a crash[0]. Fix the issue\nby moving the flag check inside the section protected by\nuplink_priv-\u003eunready_flows_lock mutex.\n\n[0]:\n[44376.389654] general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] SMP\n[44376.391665] CPU: 7 PID: 59123 Comm: tc Not tainted 6.4.0-rc4+ #1\n[44376.392984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n[44376.395342] RIP: 0010:mlx5e_tc_del_fdb_flow+0xb3/0x340 [mlx5_core]\n[44376.396857] Code: 00 48 8b b8 68 ce 02 00 e8 8a 4d 02 00 4c 8d a8 a8 01 00 00 4c 89 ef e8 8b 79 88 e1 48 8b 83 98 06 00 00 48 8b 93 90 06 00 00 \u003c48\u003e 89 42 08 48 89 10 48 b8 00 01 00 00 00 00 ad de 48 89 83 90 06\n[44376.399167] RSP: 0018:ffff88812cc97570 EFLAGS: 00010246\n[44376.399680] RAX: dead000000000122 RBX: ffff8881088e3800 RCX: ffff8881881bac00\n[44376.400337] RDX: dead000000000100 RSI: ffff88812cc97500 RDI: ffff8881242f71b0\n[44376.401001] RBP: ffff88811cbb0940 R08: 0000000000000400 R09: 0000000000000001\n[44376.401663] R10: 0000000000000001 R11: 0000000000000000 R12: ffff88812c944000\n[44376.402342] R13: ffff8881242f71a8 R14: ffff8881222b4000 R15: 0000000000000000\n[44376.402999] FS: 00007f0451104800(0000) GS:ffff88852cb80000(0000) knlGS:0000000000000000\n[44376.403787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[44376.404343] CR2: 0000000000489108 CR3: 0000000123a79003 CR4: 0000000000370ea0\n[44376.405004] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[44376.405665] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[44376.406339] Call Trace:\n[44376.406651] \u003cTASK\u003e\n[44376.406939] ? die_addr+0x33/0x90\n[44376.407311] ? exc_general_protection+0x192/0x390\n[44376.407795] ? asm_exc_general_protection+0x22/0x30\n[44376.408292] ? mlx5e_tc_del_fdb_flow+0xb3/0x340 [mlx5_core]\n[44376.408876] __mlx5e_tc_del_fdb_peer_flow+0xbc/0xe0 [mlx5_core]\n[44376.409482] mlx5e_tc_del_flow+0x42/0x210 [mlx5_core]\n[44376.410055] mlx5e_flow_put+0x25/0x50 [mlx5_core]\n[44376.410529] mlx5e_delete_flower+0x24b/0x350 [mlx5_core]\n[44376.411043] tc_setup_cb_reoffload+0x22/0x80\n[44376.411462] fl_reoffload+0x261/0x2f0 [cls_flower]\n[44376.411907] ? mlx5e_rep_indr_setup_ft_cb+0x160/0x160 [mlx5_core]\n[44376.412481] ? mlx5e_rep_indr_setup_ft_cb+0x160/0x160 [mlx5_core]\n[44376.413044] tcf_block_playback_offloads+0x76/0x170\n[44376.413497] tcf_block_unbind+0x7b/0xd0\n[44376.413881] tcf_block_setup+0x17d/0x1c0\n[44376.414269] tcf_block_offload_cmd.isra.0+0xf1/0x130\n[44376.414725] tcf_block_offload_unbind+0x43/0x70\n[44376.415153] __tcf_block_put+0x82/0x150\n[44376.415532] ingress_destroy+0x22/0x30 [sch_ingress]\n[44376.415986] qdisc_destroy+0x3b/0xd0\n[44376.416343] qdisc_graft+0x4d0/0x620\n[44376.416706] tc_get_qdisc+0x1c9/0x3b0\n[44376.417074] rtnetlink_rcv_msg+0x29c/0x390\n[44376.419978] ? rep_movs_alternative+0x3a/0xa0\n[44376.420399] ? rtnl_calcit.isra.0+0x120/0x120\n[44376.420813] netlink_rcv_skb+0x54/0x100\n[44376.421192] netlink_unicast+0x1f6/0x2c0\n[44376.421573] netlink_sendmsg+0x232/0x4a0\n[44376.421980] sock_sendmsg+0x38/0x60\n[44376.422328] ____sys_sendmsg+0x1d0/0x1e0\n[44376.422709] ? copy_msghdr_from_user+0x6d/0xa0\n[44376.423127] ___sys_sendmsg+0x80/0xc0\n[44376.423495] ? ___sys_recvmsg+0x8b/0xc0\n[44376.423869] __sys_sendmsg+0x51/0x90\n[44376.424226] do_syscall_64+0x3d/0x90\n[44376.424587] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[44376.425046] RIP: 0033:0x7f045134f887\n[44376.425403] Code: 0a 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b9 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53581",
"url": "https://www.suse.com/security/cve/CVE-2023-53581"
},
{
"category": "external",
"summary": "SUSE Bug 1251106 for CVE-2023-53581",
"url": "https://bugzilla.suse.com/1251106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53581"
},
{
"cve": "CVE-2023-53583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf: RISC-V: Remove PERF_HES_STOPPED flag checking in riscv_pmu_start()\n\nSince commit 096b52fd2bb4 (\"perf: RISC-V: throttle perf events\") the\nperf_sample_event_took() function was added to report time spent in\noverflow interrupts. If the interrupt takes too long, the perf framework\nwill lower the sysctl_perf_event_sample_rate and max_samples_per_tick.\nWhen hwc-\u003einterrupts is larger than max_samples_per_tick, the\nhwc-\u003einterrupts will be set to MAX_INTERRUPTS, and events will be\nthrottled within the __perf_event_account_interrupt() function.\n\nHowever, the RISC-V PMU driver doesn\u0027t call riscv_pmu_stop() to update the\nPERF_HES_STOPPED flag after perf_event_overflow() in pmu_sbi_ovf_handler()\nfunction to avoid throttling. When the perf framework unthrottled the event\nin the timer interrupt handler, it triggers riscv_pmu_start() function\nand causes a WARN_ON_ONCE() warning, as shown below:\n\n ------------[ cut here ]------------\n WARNING: CPU: 0 PID: 240 at drivers/perf/riscv_pmu.c:184 riscv_pmu_start+0x7c/0x8e\n Modules linked in:\n CPU: 0 PID: 240 Comm: ls Not tainted 6.4-rc4-g19d0788e9ef2 #1\n Hardware name: SiFive (DT)\n epc : riscv_pmu_start+0x7c/0x8e\n ra : riscv_pmu_start+0x28/0x8e\n epc : ffffffff80aef864 ra : ffffffff80aef810 sp : ffff8f80004db6f0\n gp : ffffffff81c83750 tp : ffffaf80069f9bc0 t0 : ffff8f80004db6c0\n t1 : 0000000000000000 t2 : 000000000000001f s0 : ffff8f80004db720\n s1 : ffffaf8008ca1068 a0 : 0000ffffffffffff a1 : 0000000000000000\n a2 : 0000000000000001 a3 : 0000000000000870 a4 : 0000000000000000\n a5 : 0000000000000000 a6 : 0000000000000840 a7 : 0000000000000030\n s2 : 0000000000000000 s3 : ffffaf8005165800 s4 : ffffaf800424da00\n s5 : ffffffffffffffff s6 : ffffffff81cc7590 s7 : 0000000000000000\n s8 : 0000000000000006 s9 : 0000000000000001 s10: ffffaf807efbc340\n s11: ffffaf807efbbf00 t3 : ffffaf8006a16028 t4 : 00000000dbfbb796\n t5 : 0000000700000000 t6 : ffffaf8005269870\n status: 0000000200000100 badaddr: 0000000000000000 cause: 0000000000000003\n [\u003cffffffff80aef864\u003e] riscv_pmu_start+0x7c/0x8e\n [\u003cffffffff80185b56\u003e] perf_adjust_freq_unthr_context+0x15e/0x174\n [\u003cffffffff80188642\u003e] perf_event_task_tick+0x88/0x9c\n [\u003cffffffff800626a8\u003e] scheduler_tick+0xfe/0x27c\n [\u003cffffffff800b5640\u003e] update_process_times+0x9a/0xba\n [\u003cffffffff800c5bd4\u003e] tick_sched_handle+0x32/0x66\n [\u003cffffffff800c5e0c\u003e] tick_sched_timer+0x64/0xb0\n [\u003cffffffff800b5e50\u003e] __hrtimer_run_queues+0x156/0x2f4\n [\u003cffffffff800b6bdc\u003e] hrtimer_interrupt+0xe2/0x1fe\n [\u003cffffffff80acc9e8\u003e] riscv_timer_interrupt+0x38/0x42\n [\u003cffffffff80090a16\u003e] handle_percpu_devid_irq+0x90/0x1d2\n [\u003cffffffff8008a9f4\u003e] generic_handle_domain_irq+0x28/0x36\n\nAfter referring other PMU drivers like Arm, Loongarch, Csky, and Mips,\nthey don\u0027t call *_pmu_stop() to update with PERF_HES_STOPPED flag\nafter perf_event_overflow() function nor do they add PERF_HES_STOPPED\nflag checking in *_pmu_start() which don\u0027t cause this warning.\n\nThus, it\u0027s recommended to remove this unnecessary check in\nriscv_pmu_start() function to prevent this warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53583",
"url": "https://www.suse.com/security/cve/CVE-2023-53583"
},
{
"category": "external",
"summary": "SUSE Bug 1251108 for CVE-2023-53583",
"url": "https://bugzilla.suse.com/1251108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53583"
},
{
"cve": "CVE-2023-53585",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53585"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: reject unhashed sockets in bpf_sk_assign\n\nThe semantics for bpf_sk_assign are as follows:\n\n sk = some_lookup_func()\n bpf_sk_assign(skb, sk)\n bpf_sk_release(sk)\n\nThat is, the sk is not consumed by bpf_sk_assign. The function\ntherefore needs to make sure that sk lives long enough to be\nconsumed from __inet_lookup_skb. The path through the stack for a\nTCPv4 packet is roughly:\n\n netif_receive_skb_core: takes RCU read lock\n __netif_receive_skb_core:\n sch_handle_ingress:\n tcf_classify:\n bpf_sk_assign()\n deliver_ptype_list_skb:\n deliver_skb:\n ip_packet_type-\u003efunc == ip_rcv:\n ip_rcv_core:\n ip_rcv_finish_core:\n dst_input:\n ip_local_deliver:\n ip_local_deliver_finish:\n ip_protocol_deliver_rcu:\n tcp_v4_rcv:\n __inet_lookup_skb:\n skb_steal_sock\n\nThe existing helper takes advantage of the fact that everything\nhappens in the same RCU critical section: for sockets with\nSOCK_RCU_FREE set bpf_sk_assign never takes a reference.\nskb_steal_sock then checks SOCK_RCU_FREE again and does sock_put\nif necessary.\n\nThis approach assumes that SOCK_RCU_FREE is never set on a sk\nbetween bpf_sk_assign and skb_steal_sock, but this invariant is\nviolated by unhashed UDP sockets. A new UDP socket is created\nin TCP_CLOSE state but without SOCK_RCU_FREE set. That flag is only\nadded in udp_lib_get_port() which happens when a socket is bound.\n\nWhen bpf_sk_assign was added it wasn\u0027t possible to access unhashed\nUDP sockets from BPF, so this wasn\u0027t a problem. This changed\nin commit 0c48eefae712 (\"sock_map: Lift socket state restriction\nfor datagram sockets\"), but the helper wasn\u0027t adjusted accordingly.\nThe following sequence of events will therefore lead to a refcount\nleak:\n\n1. Add socket(AF_INET, SOCK_DGRAM) to a sockmap.\n2. Pull socket out of sockmap and bpf_sk_assign it. Since\n SOCK_RCU_FREE is not set we increment the refcount.\n3. bind() or connect() the socket, setting SOCK_RCU_FREE.\n4. skb_steal_sock will now set refcounted = false due to\n SOCK_RCU_FREE.\n5. tcp_v4_rcv() skips sock_put().\n\nFix the problem by rejecting unhashed sockets in bpf_sk_assign().\nThis matches the behaviour of __inet_lookup_skb which is ultimately\nthe goal of bpf_sk_assign().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53585",
"url": "https://www.suse.com/security/cve/CVE-2023-53585"
},
{
"category": "external",
"summary": "SUSE Bug 1251126 for CVE-2023-53585",
"url": "https://bugzilla.suse.com/1251126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53585"
},
{
"cve": "CVE-2023-53588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check for station first in client probe\n\nWhen probing a client, first check if we have it, and then\ncheck for the channel context, otherwise you can trigger\nthe warning there easily by probing when the AP isn\u0027t even\nstarted yet. Since a client existing means the AP is also\noperating, we can then keep the warning.\n\nAlso simplify the moved code a bit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53588",
"url": "https://www.suse.com/security/cve/CVE-2023-53588"
},
{
"category": "external",
"summary": "SUSE Bug 1251206 for CVE-2023-53588",
"url": "https://bugzilla.suse.com/1251206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53588"
},
{
"cve": "CVE-2023-53593",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53593"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Release folio lock on fscache read hit.\n\nUnder the current code, when cifs_readpage_worker is called, the call\ncontract is that the callee should unlock the page. This is documented\nin the read_folio section of Documentation/filesystems/vfs.rst as:\n\n\u003e The filesystem should unlock the folio once the read has completed,\n\u003e whether it was successful or not.\n\nWithout this change, when fscache is in use and cache hit occurs during\na read, the page lock is leaked, producing the following stack on\nsubsequent reads (via mmap) to the page:\n\n$ cat /proc/3890/task/12864/stack\n[\u003c0\u003e] folio_wait_bit_common+0x124/0x350\n[\u003c0\u003e] filemap_read_folio+0xad/0xf0\n[\u003c0\u003e] filemap_fault+0x8b1/0xab0\n[\u003c0\u003e] __do_fault+0x39/0x150\n[\u003c0\u003e] do_fault+0x25c/0x3e0\n[\u003c0\u003e] __handle_mm_fault+0x6ca/0xc70\n[\u003c0\u003e] handle_mm_fault+0xe9/0x350\n[\u003c0\u003e] do_user_addr_fault+0x225/0x6c0\n[\u003c0\u003e] exc_page_fault+0x84/0x1b0\n[\u003c0\u003e] asm_exc_page_fault+0x27/0x30\n\nThis requires a reboot to resolve; it is a deadlock.\n\nNote however that the call to cifs_readpage_from_fscache does mark the\npage clean, but does not free the folio lock. This happens in\n__cifs_readpage_from_fscache on success. Releasing the lock at that\npoint however is not appropriate as cifs_readahead also calls\ncifs_readpage_from_fscache and *does* unconditionally release the lock\nafter its return. This change therefore effectively makes\ncifs_readpage_worker work like cifs_readahead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53593",
"url": "https://www.suse.com/security/cve/CVE-2023-53593"
},
{
"category": "external",
"summary": "SUSE Bug 1251132 for CVE-2023-53593",
"url": "https://bugzilla.suse.com/1251132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53593"
},
{
"cve": "CVE-2023-53596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53596"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers: base: Free devm resources when unregistering a device\n\nIn the current code, devres_release_all() only gets called if the device\nhas a bus and has been probed.\n\nThis leads to issues when using bus-less or driver-less devices where\nthe device might never get freed if a managed resource holds a reference\nto the device. This is happening in the DRM framework for example.\n\nWe should thus call devres_release_all() in the device_del() function to\nmake sure that the device-managed actions are properly executed when the\ndevice is unregistered, even if it has neither a bus nor a driver.\n\nThis is effectively the same change than commit 2f8d16a996da (\"devres:\nrelease resources on device_del()\") that got reverted by commit\na525a3ddeaca (\"driver core: free devres in device_release\") over\nmemory leaks concerns.\n\nThis patch effectively combines the two commits mentioned above to\nrelease the resources both on device_del() and device_release() and get\nthe best of both worlds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53596",
"url": "https://www.suse.com/security/cve/CVE-2023-53596"
},
{
"category": "external",
"summary": "SUSE Bug 1251161 for CVE-2023-53596",
"url": "https://bugzilla.suse.com/1251161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53596"
},
{
"cve": "CVE-2023-53597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix mid leak during reconnection after timeout threshold\n\nWhen the number of responses with status of STATUS_IO_TIMEOUT\nexceeds a specified threshold (NUM_STATUS_IO_TIMEOUT), we reconnect\nthe connection. But we do not return the mid, or the credits\nreturned for the mid, or reduce the number of in-flight requests.\n\nThis bug could result in the server-\u003ein_flight count to go bad,\nand also cause a leak in the mids.\n\nThis change moves the check to a few lines below where the\nresponse is decrypted, even of the response is read from the\ntransform header. This way, the code for returning the mids\ncan be reused.\n\nAlso, the cifs_reconnect was reconnecting just the transport\nconnection before. In case of multi-channel, this may not be\nwhat we want to do after several timeouts. Changed that to\nreconnect the session and the tree too.\n\nAlso renamed NUM_STATUS_IO_TIMEOUT to a more appropriate name\nMAX_STATUS_IO_TIMEOUT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53597",
"url": "https://www.suse.com/security/cve/CVE-2023-53597"
},
{
"category": "external",
"summary": "SUSE Bug 1251159 for CVE-2023-53597",
"url": "https://bugzilla.suse.com/1251159"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53597"
},
{
"cve": "CVE-2023-53599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53599"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Fix missing initialisation affecting gcm-aes-s390\n\nFix af_alg_alloc_areq() to initialise areq-\u003efirst_rsgl.sgl.sgt.sgl to point\nto the scatterlist array in areq-\u003efirst_rsgl.sgl.sgl.\n\nWithout this, the gcm-aes-s390 driver will oops when it tries to do\ngcm_walk_start() on req-\u003edst because req-\u003edst is set to the value of\nareq-\u003efirst_rsgl.sgl.sgl by _aead_recvmsg() calling\naead_request_set_crypt().\n\nThe problem comes if an empty ciphertext is passed: the loop in\naf_alg_get_rsgl() just passes straight out and doesn\u0027t set areq-\u003efirst_rsgl\nup.\n\nThis isn\u0027t a problem on x86_64 using gcmaes_crypt_by_sg() because, as far\nas I can tell, that ignores req-\u003edst and only uses req-\u003esrc[*].\n\n[*] Is this a bug in aesni-intel_glue.c?\n\nThe s390x oops looks something like:\n\n Unable to handle kernel pointer dereference in virtual kernel address space\n Failing address: 0000000a00000000 TEID: 0000000a00000803\n Fault in home space mode while using kernel ASCE.\n AS:00000000a43a0007 R3:0000000000000024\n Oops: 003b ilc:2 [#1] SMP\n ...\n Call Trace:\n [\u003c000003ff7fc3d47e\u003e] gcm_walk_start+0x16/0x28 [aes_s390]\n [\u003c00000000a2a342f2\u003e] crypto_aead_decrypt+0x9a/0xb8\n [\u003c00000000a2a60888\u003e] aead_recvmsg+0x478/0x698\n [\u003c00000000a2e519a0\u003e] sock_recvmsg+0x70/0xb0\n [\u003c00000000a2e51a56\u003e] sock_read_iter+0x76/0xa0\n [\u003c00000000a273e066\u003e] vfs_read+0x26e/0x2a8\n [\u003c00000000a273e8c4\u003e] ksys_read+0xbc/0x100\n [\u003c00000000a311d808\u003e] __do_syscall+0x1d0/0x1f8\n [\u003c00000000a312ff30\u003e] system_call+0x70/0x98\n Last Breaking-Event-Address:\n [\u003c000003ff7fc3e6b4\u003e] gcm_aes_crypt+0x104/0xa68 [aes_s390]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53599",
"url": "https://www.suse.com/security/cve/CVE-2023-53599"
},
{
"category": "external",
"summary": "SUSE Bug 1251150 for CVE-2023-53599",
"url": "https://bugzilla.suse.com/1251150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53599"
},
{
"cve": "CVE-2023-53600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53600"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntunnels: fix kasan splat when generating ipv4 pmtu error\n\nIf we try to emit an icmp error in response to a nonliner skb, we get\n\nBUG: KASAN: slab-out-of-bounds in ip_compute_csum+0x134/0x220\nRead of size 4 at addr ffff88811c50db00 by task iperf3/1691\nCPU: 2 PID: 1691 Comm: iperf3 Not tainted 6.5.0-rc3+ #309\n[..]\n kasan_report+0x105/0x140\n ip_compute_csum+0x134/0x220\n iptunnel_pmtud_build_icmp+0x554/0x1020\n skb_tunnel_check_pmtu+0x513/0xb80\n vxlan_xmit_one+0x139e/0x2ef0\n vxlan_xmit+0x1867/0x2760\n dev_hard_start_xmit+0x1ee/0x4f0\n br_dev_queue_push_xmit+0x4d1/0x660\n [..]\n\nip_compute_csum() cannot deal with nonlinear skbs, so avoid it.\nAfter this change, splat is gone and iperf3 is no longer stuck.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53600",
"url": "https://www.suse.com/security/cve/CVE-2023-53600"
},
{
"category": "external",
"summary": "SUSE Bug 1251152 for CVE-2023-53600",
"url": "https://bugzilla.suse.com/1251152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53600"
},
{
"cve": "CVE-2023-53601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: do not assume skb mac_header is set\n\nDrivers must not assume in their ndo_start_xmit() that\nskbs have their mac_header set. skb-\u003edata is all what is needed.\n\nbonding seems to be one of the last offender as caught by syzbot:\n\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 skb_mac_offset include/linux/skbuff.h:2913 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_xmit_hash drivers/net/bonding/bond_main.c:4170 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_xmit_3ad_xor_slave_get drivers/net/bonding/bond_main.c:5149 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_3ad_xor_xmit drivers/net/bonding/bond_main.c:5186 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 __bond_start_xmit drivers/net/bonding/bond_main.c:5442 [inline]\nWARNING: CPU: 1 PID: 12155 at include/linux/skbuff.h:2907 bond_start_xmit+0x14ab/0x19d0 drivers/net/bonding/bond_main.c:5470\nModules linked in:\nCPU: 1 PID: 12155 Comm: syz-executor.3 Not tainted 6.1.30-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023\nRIP: 0010:skb_mac_header include/linux/skbuff.h:2907 [inline]\nRIP: 0010:skb_mac_offset include/linux/skbuff.h:2913 [inline]\nRIP: 0010:bond_xmit_hash drivers/net/bonding/bond_main.c:4170 [inline]\nRIP: 0010:bond_xmit_3ad_xor_slave_get drivers/net/bonding/bond_main.c:5149 [inline]\nRIP: 0010:bond_3ad_xor_xmit drivers/net/bonding/bond_main.c:5186 [inline]\nRIP: 0010:__bond_start_xmit drivers/net/bonding/bond_main.c:5442 [inline]\nRIP: 0010:bond_start_xmit+0x14ab/0x19d0 drivers/net/bonding/bond_main.c:5470\nCode: 8b 7c 24 30 e8 76 dd 1a 01 48 85 c0 74 0d 48 89 c3 e8 29 67 2e fe e9 15 ef ff ff e8 1f 67 2e fe e9 10 ef ff ff e8 15 67 2e fe \u003c0f\u003e 0b e9 45 f8 ff ff e8 09 67 2e fe e9 dc fa ff ff e8 ff 66 2e fe\nRSP: 0018:ffffc90002fff6e0 EFLAGS: 00010283\nRAX: ffffffff835874db RBX: 000000000000ffff RCX: 0000000000040000\nRDX: ffffc90004dcf000 RSI: 00000000000000b5 RDI: 00000000000000b6\nRBP: ffffc90002fff8b8 R08: ffffffff83586d16 R09: ffffffff83586584\nR10: 0000000000000007 R11: ffff8881599fc780 R12: ffff88811b6a7b7e\nR13: 1ffff110236d4f6f R14: ffff88811b6a7ac0 R15: 1ffff110236d4f76\nFS: 00007f2e9eb47700(0000) GS:ffff8881f6b00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b2e421000 CR3: 000000010e6d4000 CR4: 00000000003526e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\n[\u003cffffffff8471a49f\u003e] netdev_start_xmit include/linux/netdevice.h:4925 [inline]\n[\u003cffffffff8471a49f\u003e] __dev_direct_xmit+0x4ef/0x850 net/core/dev.c:4380\n[\u003cffffffff851d845b\u003e] dev_direct_xmit include/linux/netdevice.h:3043 [inline]\n[\u003cffffffff851d845b\u003e] packet_direct_xmit+0x18b/0x300 net/packet/af_packet.c:284\n[\u003cffffffff851c7472\u003e] packet_snd net/packet/af_packet.c:3112 [inline]\n[\u003cffffffff851c7472\u003e] packet_sendmsg+0x4a22/0x64d0 net/packet/af_packet.c:3143\n[\u003cffffffff8467a4b2\u003e] sock_sendmsg_nosec net/socket.c:716 [inline]\n[\u003cffffffff8467a4b2\u003e] sock_sendmsg net/socket.c:736 [inline]\n[\u003cffffffff8467a4b2\u003e] __sys_sendto+0x472/0x5f0 net/socket.c:2139\n[\u003cffffffff8467a715\u003e] __do_sys_sendto net/socket.c:2151 [inline]\n[\u003cffffffff8467a715\u003e] __se_sys_sendto net/socket.c:2147 [inline]\n[\u003cffffffff8467a715\u003e] __x64_sys_sendto+0xe5/0x100 net/socket.c:2147\n[\u003cffffffff8553071f\u003e] do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n[\u003cffffffff8553071f\u003e] do_syscall_64+0x2f/0x50 arch/x86/entry/common.c:80\n[\u003cffffffff85600087\u003e] entry_SYSCALL_64_after_hwframe+0x63/0xcd",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53601",
"url": "https://www.suse.com/security/cve/CVE-2023-53601"
},
{
"category": "external",
"summary": "SUSE Bug 1251153 for CVE-2023-53601",
"url": "https://bugzilla.suse.com/1251153"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53601"
},
{
"cve": "CVE-2023-53602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix memory leak in WMI firmware stats\n\nMemory allocated for firmware pdev, vdev and beacon statistics\nare not released during rmmod.\n\nFix it by calling ath11k_fw_stats_free() function before hardware\nunregister.\n\nWhile at it, avoid calling ath11k_fw_stats_free() while processing\nthe firmware stats received in the WMI event because the local list\nis getting spliced and reinitialised and hence there are no elements\nin the list after splicing.\n\nTested-on: QCN9074 hw1.0 PCI WLAN.HK.2.7.0.1-01744-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53602",
"url": "https://www.suse.com/security/cve/CVE-2023-53602"
},
{
"category": "external",
"summary": "SUSE Bug 1251076 for CVE-2023-53602",
"url": "https://bugzilla.suse.com/1251076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53602"
},
{
"cve": "CVE-2023-53603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53603"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Avoid fcport pointer dereference\n\nKlocwork reported warning of NULL pointer may be dereferenced. The routine\nexits when sa_ctl is NULL and fcport is allocated after the exit call thus\ncausing NULL fcport pointer to dereference at the time of exit.\n\nTo avoid fcport pointer dereference, exit the routine when sa_ctl is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53603",
"url": "https://www.suse.com/security/cve/CVE-2023-53603"
},
{
"category": "external",
"summary": "SUSE Bug 1251180 for CVE-2023-53603",
"url": "https://bugzilla.suse.com/1251180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53603"
},
{
"cve": "CVE-2023-53611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53611"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipmi_si: fix a memleak in try_smi_init()\n\nKmemleak reported the following leak info in try_smi_init():\n\nunreferenced object 0xffff00018ecf9400 (size 1024):\n comm \"modprobe\", pid 2707763, jiffies 4300851415 (age 773.308s)\n backtrace:\n [\u003c000000004ca5b312\u003e] __kmalloc+0x4b8/0x7b0\n [\u003c00000000953b1072\u003e] try_smi_init+0x148/0x5dc [ipmi_si]\n [\u003c000000006460d325\u003e] 0xffff800081b10148\n [\u003c0000000039206ea5\u003e] do_one_initcall+0x64/0x2a4\n [\u003c00000000601399ce\u003e] do_init_module+0x50/0x300\n [\u003c000000003c12ba3c\u003e] load_module+0x7a8/0x9e0\n [\u003c00000000c246fffe\u003e] __se_sys_init_module+0x104/0x180\n [\u003c00000000eea99093\u003e] __arm64_sys_init_module+0x24/0x30\n [\u003c0000000021b1ef87\u003e] el0_svc_common.constprop.0+0x94/0x250\n [\u003c0000000070f4f8b7\u003e] do_el0_svc+0x48/0xe0\n [\u003c000000005a05337f\u003e] el0_svc+0x24/0x3c\n [\u003c000000005eb248d6\u003e] el0_sync_handler+0x160/0x164\n [\u003c0000000030a59039\u003e] el0_sync+0x160/0x180\n\nThe problem was that when an error occurred before handlers registration\nand after allocating `new_smi-\u003esi_sm`, the variable wouldn\u0027t be freed in\nthe error handling afterwards since `shutdown_smi()` hadn\u0027t been\nregistered yet. Fix it by adding a `kfree()` in the error handling path\nin `try_smi_init()`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53611",
"url": "https://www.suse.com/security/cve/CVE-2023-53611"
},
{
"category": "external",
"summary": "SUSE Bug 1251123 for CVE-2023-53611",
"url": "https://bugzilla.suse.com/1251123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53611"
},
{
"cve": "CVE-2023-53613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndax: Fix dax_mapping_release() use after free\n\nA CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region\nprovider (like modprobe -r dax_hmem) yields:\n\n kobject: \u0027mapping0\u0027 (ffff93eb460e8800): kobject_release, parent 0000000000000000 (delayed 2000)\n [..]\n DEBUG_LOCKS_WARN_ON(1)\n WARNING: CPU: 23 PID: 282 at kernel/locking/lockdep.c:232 __lock_acquire+0x9fc/0x2260\n [..]\n RIP: 0010:__lock_acquire+0x9fc/0x2260\n [..]\n Call Trace:\n \u003cTASK\u003e\n [..]\n lock_acquire+0xd4/0x2c0\n ? ida_free+0x62/0x130\n _raw_spin_lock_irqsave+0x47/0x70\n ? ida_free+0x62/0x130\n ida_free+0x62/0x130\n dax_mapping_release+0x1f/0x30\n device_release+0x36/0x90\n kobject_delayed_cleanup+0x46/0x150\n\nDue to attempting ida_free() on an ida object that has already been\nfreed. Devices typically only hold a reference on their parent while\nregistered. If a child needs a parent object to complete its release it\nneeds to hold a reference that it drops from its release callback.\nArrange for a dax_mapping to pin its parent dev_dax instance until\ndax_mapping_release().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53613",
"url": "https://www.suse.com/security/cve/CVE-2023-53613"
},
{
"category": "external",
"summary": "SUSE Bug 1251119 for CVE-2023-53613",
"url": "https://bugzilla.suse.com/1251119"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53613"
},
{
"cve": "CVE-2023-53615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53615"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix deletion race condition\n\nSystem crash when using debug kernel due to link list corruption. The cause\nof the link list corruption is due to session deletion was allowed to queue\nup twice. Here\u0027s the internal trace that show the same port was allowed to\ndouble queue for deletion on different cpu.\n\n20808683956 015 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1\n20808683957 027 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1\n\nMove the clearing/setting of deleted flag lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53615",
"url": "https://www.suse.com/security/cve/CVE-2023-53615"
},
{
"category": "external",
"summary": "SUSE Bug 1251113 for CVE-2023-53615",
"url": "https://bugzilla.suse.com/1251113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53615"
},
{
"cve": "CVE-2023-53616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix invalid free of JFS_IP(ipimap)-\u003ei_imap in diUnmount\n\nsyzbot found an invalid-free in diUnmount:\n\nBUG: KASAN: double-free in slab_free mm/slub.c:3661 [inline]\nBUG: KASAN: double-free in __kmem_cache_free+0x71/0x110 mm/slub.c:3674\nFree of addr ffff88806f410000 by task syz-executor131/3632\n\n CPU: 0 PID: 3632 Comm: syz-executor131 Not tainted 6.1.0-rc7-syzkaller-00012-gca57f02295f1 #0\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022\n Call Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1b1/0x28e lib/dump_stack.c:106\n print_address_description+0x74/0x340 mm/kasan/report.c:284\n print_report+0x107/0x1f0 mm/kasan/report.c:395\n kasan_report_invalid_free+0xac/0xd0 mm/kasan/report.c:460\n ____kasan_slab_free+0xfb/0x120\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1724 [inline]\n slab_free_freelist_hook+0x12e/0x1a0 mm/slub.c:1750\n slab_free mm/slub.c:3661 [inline]\n __kmem_cache_free+0x71/0x110 mm/slub.c:3674\n diUnmount+0xef/0x100 fs/jfs/jfs_imap.c:195\n jfs_umount+0x108/0x370 fs/jfs/jfs_umount.c:63\n jfs_put_super+0x86/0x190 fs/jfs/super.c:194\n generic_shutdown_super+0x130/0x310 fs/super.c:492\n kill_block_super+0x79/0xd0 fs/super.c:1428\n deactivate_locked_super+0xa7/0xf0 fs/super.c:332\n cleanup_mnt+0x494/0x520 fs/namespace.c:1186\n task_work_run+0x243/0x300 kernel/task_work.c:179\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0x664/0x2070 kernel/exit.c:820\n do_group_exit+0x1fd/0x2b0 kernel/exit.c:950\n __do_sys_exit_group kernel/exit.c:961 [inline]\n __se_sys_exit_group kernel/exit.c:959 [inline]\n __x64_sys_exit_group+0x3b/0x40 kernel/exit.c:959\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x3d/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n[...]\n\nJFS_IP(ipimap)-\u003ei_imap is not setting to NULL after free in diUnmount.\nIf jfs_remount() free JFS_IP(ipimap)-\u003ei_imap but then failed at diMount().\nJFS_IP(ipimap)-\u003ei_imap will be freed once again.\nFix this problem by setting JFS_IP(ipimap)-\u003ei_imap to NULL after free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53616",
"url": "https://www.suse.com/security/cve/CVE-2023-53616"
},
{
"category": "external",
"summary": "SUSE Bug 1251215 for CVE-2023-53616",
"url": "https://bugzilla.suse.com/1251215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53616"
},
{
"cve": "CVE-2023-53617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: aspeed: socinfo: Add kfree for kstrdup\n\nAdd kfree() in the later error handling in order to avoid memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53617",
"url": "https://www.suse.com/security/cve/CVE-2023-53617"
},
{
"category": "external",
"summary": "SUSE Bug 1251268 for CVE-2023-53617",
"url": "https://bugzilla.suse.com/1251268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53617"
},
{
"cve": "CVE-2023-53618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reject invalid reloc tree root keys with stack dump\n\n[BUG]\nSyzbot reported a crash that an ASSERT() got triggered inside\nprepare_to_merge().\n\nThat ASSERT() makes sure the reloc tree is properly pointed back by its\nsubvolume tree.\n\n[CAUSE]\nAfter more debugging output, it turns out we had an invalid reloc tree:\n\n BTRFS error (device loop1): reloc tree mismatch, root 8 has no reloc root, expect reloc root key (-8, 132, 8) gen 17\n\nNote the above root key is (TREE_RELOC_OBJECTID, ROOT_ITEM,\nQUOTA_TREE_OBJECTID), meaning it\u0027s a reloc tree for quota tree.\n\nBut reloc trees can only exist for subvolumes, as for non-subvolume\ntrees, we just COW the involved tree block, no need to create a reloc\ntree since those tree blocks won\u0027t be shared with other trees.\n\nOnly subvolumes tree can share tree blocks with other trees (thus they\nhave BTRFS_ROOT_SHAREABLE flag).\n\nThus this new debug output proves my previous assumption that corrupted\non-disk data can trigger that ASSERT().\n\n[FIX]\nBesides the dedicated fix and the graceful exit, also let tree-checker to\ncheck such root keys, to make sure reloc trees can only exist for subvolumes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53618",
"url": "https://www.suse.com/security/cve/CVE-2023-53618"
},
{
"category": "external",
"summary": "SUSE Bug 1251748 for CVE-2023-53618",
"url": "https://bugzilla.suse.com/1251748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53618"
},
{
"cve": "CVE-2023-53619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: conntrack: Avoid nf_ct_helper_hash uses after free\n\nIf nf_conntrack_init_start() fails (for example due to a\nregister_nf_conntrack_bpf() failure), the nf_conntrack_helper_fini()\nclean-up path frees the nf_ct_helper_hash map.\n\nWhen built with NF_CONNTRACK=y, further netfilter modules (e.g:\nnetfilter_conntrack_ftp) can still be loaded and call\nnf_conntrack_helpers_register(), independently of whether nf_conntrack\ninitialized correctly. This accesses the nf_ct_helper_hash dangling\npointer and causes a uaf, possibly leading to random memory corruption.\n\nThis patch guards nf_conntrack_helper_register() from accessing a freed\nor uninitialized nf_ct_helper_hash pointer and fixes possible\nuses-after-free when loading a conntrack module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53619",
"url": "https://www.suse.com/security/cve/CVE-2023-53619"
},
{
"category": "external",
"summary": "SUSE Bug 1251743 for CVE-2023-53619",
"url": "https://bugzilla.suse.com/1251743"
},
{
"category": "external",
"summary": "SUSE Bug 1251745 for CVE-2023-53619",
"url": "https://bugzilla.suse.com/1251745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53619"
},
{
"cve": "CVE-2023-53621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmemcontrol: ensure memcg acquired by id is properly set up\n\nIn the eviction recency check, we attempt to retrieve the memcg to which\nthe folio belonged when it was evicted, by the memcg id stored in the\nshadow entry. However, there is a chance that the retrieved memcg is not\nthe original memcg that has been killed, but a new one which happens to\nhave the same id.\n\nThis is a somewhat unfortunate, but acceptable and rare inaccuracy in the\nheuristics. However, if we retrieve this new memcg between its allocation\nand when it is properly attached to the memcg hierarchy, we could run into\nthe following NULL pointer exception during the memcg hierarchy traversal\ndone in mem_cgroup_get_nr_swap_pages():\n\n[ 155757.793456] BUG: kernel NULL pointer dereference, address: 00000000000000c0\n[ 155757.807568] #PF: supervisor read access in kernel mode\n[ 155757.818024] #PF: error_code(0x0000) - not-present page\n[ 155757.828482] PGD 401f77067 P4D 401f77067 PUD 401f76067 PMD 0\n[ 155757.839985] Oops: 0000 [#1] SMP\n[ 155757.887870] RIP: 0010:mem_cgroup_get_nr_swap_pages+0x3d/0xb0\n[ 155757.899377] Code: 29 19 4a 02 48 39 f9 74 63 48 8b 97 c0 00 00 00 48 8b b7 58 02 00 00 48 2b b7 c0 01 00 00 48 39 f0 48 0f 4d c6 48 39 d1 74 42 \u003c48\u003e 8b b2 c0 00 00 00 48 8b ba 58 02 00 00 48 2b ba c0 01 00 00 48\n[ 155757.937125] RSP: 0018:ffffc9002ecdfbc8 EFLAGS: 00010286\n[ 155757.947755] RAX: 00000000003a3b1c RBX: 000007ffffffffff RCX: ffff888280183000\n[ 155757.962202] RDX: 0000000000000000 RSI: 0007ffffffffffff RDI: ffff888bbc2d1000\n[ 155757.976648] RBP: 0000000000000001 R08: 000000000000000b R09: ffff888ad9cedba0\n[ 155757.991094] R10: ffffea0039c07900 R11: 0000000000000010 R12: ffff888b23a7b000\n[ 155758.005540] R13: 0000000000000000 R14: ffff888bbc2d1000 R15: 000007ffffc71354\n[ 155758.019991] FS: 00007f6234c68640(0000) GS:ffff88903f9c0000(0000) knlGS:0000000000000000\n[ 155758.036356] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 155758.048023] CR2: 00000000000000c0 CR3: 0000000a83eb8004 CR4: 00000000007706e0\n[ 155758.062473] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 155758.076924] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 155758.091376] PKRU: 55555554\n[ 155758.096957] Call Trace:\n[ 155758.102016] \u003cTASK\u003e\n[ 155758.106502] ? __die+0x78/0xc0\n[ 155758.112793] ? page_fault_oops+0x286/0x380\n[ 155758.121175] ? exc_page_fault+0x5d/0x110\n[ 155758.129209] ? asm_exc_page_fault+0x22/0x30\n[ 155758.137763] ? mem_cgroup_get_nr_swap_pages+0x3d/0xb0\n[ 155758.148060] workingset_test_recent+0xda/0x1b0\n[ 155758.157133] workingset_refault+0xca/0x1e0\n[ 155758.165508] filemap_add_folio+0x4d/0x70\n[ 155758.173538] page_cache_ra_unbounded+0xed/0x190\n[ 155758.182919] page_cache_sync_ra+0xd6/0x1e0\n[ 155758.191738] filemap_read+0x68d/0xdf0\n[ 155758.199495] ? mlx5e_napi_poll+0x123/0x940\n[ 155758.207981] ? __napi_schedule+0x55/0x90\n[ 155758.216095] __x64_sys_pread64+0x1d6/0x2c0\n[ 155758.224601] do_syscall_64+0x3d/0x80\n[ 155758.232058] entry_SYSCALL_64_after_hwframe+0x46/0xb0\n[ 155758.242473] RIP: 0033:0x7f62c29153b5\n[ 155758.249938] Code: e8 48 89 75 f0 89 7d f8 48 89 4d e0 e8 b4 e6 f7 ff 41 89 c0 4c 8b 55 e0 48 8b 55 e8 48 8b 75 f0 8b 7d f8 b8 11 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 33 44 89 c7 48 89 45 f8 e8 e7 e6 f7 ff 48 8b\n[ 155758.288005] RSP: 002b:00007f6234c5ffd0 EFLAGS: 00000293 ORIG_RAX: 0000000000000011\n[ 155758.303474] RAX: ffffffffffffffda RBX: 00007f628c4e70c0 RCX: 00007f62c29153b5\n[ 155758.318075] RDX: 000000000003c041 RSI: 00007f61d2986000 RDI: 0000000000000076\n[ 155758.332678] RBP: 00007f6234c5fff0 R08: 0000000000000000 R09: 0000000064d5230c\n[ 155758.347452] R10: 000000000027d450 R11: 0000000000000293 R12: 000000000003c041\n[ 155758.362044] R13: 00007f61d2986000 R14: 00007f629e11b060 R15: 000000000027d450\n[ 155758.376661] \u003c/TASK\u003e\n\nThis patch fixes the issue by moving the memcg\u0027s id publication from the\nalloc stage to \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53621",
"url": "https://www.suse.com/security/cve/CVE-2023-53621"
},
{
"category": "external",
"summary": "SUSE Bug 1251323 for CVE-2023-53621",
"url": "https://bugzilla.suse.com/1251323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53621"
},
{
"cve": "CVE-2023-53622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix possible data races in gfs2_show_options()\n\nSome fields such as gt_logd_secs of the struct gfs2_tune are accessed\nwithout holding the lock gt_spin in gfs2_show_options():\n\n val = sdp-\u003esd_tune.gt_logd_secs;\n if (val != 30)\n seq_printf(s, \",commit=%d\", val);\n\nAnd thus can cause data races when gfs2_show_options() and other functions\nsuch as gfs2_reconfigure() are concurrently executed:\n\n spin_lock(\u0026gt-\u003egt_spin);\n gt-\u003egt_logd_secs = newargs-\u003ear_commit;\n\nTo fix these possible data races, the lock sdp-\u003esd_tune.gt_spin is\nacquired before accessing the fields of gfs2_tune and released after these\naccesses.\n\nFurther changes by Andreas:\n\n- Don\u0027t hold the spin lock over the seq_printf operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53622",
"url": "https://www.suse.com/security/cve/CVE-2023-53622"
},
{
"category": "external",
"summary": "SUSE Bug 1251777 for CVE-2023-53622",
"url": "https://bugzilla.suse.com/1251777"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53622"
},
{
"cve": "CVE-2023-53631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: dell-sysman: Fix reference leak\n\nIf a duplicate attribute is found using kset_find_obj(),\na reference to that attribute is returned. This means\nthat we need to dispose it accordingly. Use kobject_put()\nto dispose the duplicate attribute in such a case.\n\nCompile-tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53631",
"url": "https://www.suse.com/security/cve/CVE-2023-53631"
},
{
"category": "external",
"summary": "SUSE Bug 1251529 for CVE-2023-53631",
"url": "https://bugzilla.suse.com/1251529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53631"
},
{
"cve": "CVE-2023-53632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Take RTNL lock when needed before calling xdp_set_features()\n\nHold RTNL lock when calling xdp_set_features() with a registered netdev,\nas the call triggers the netdev notifiers. This could happen when\nswitching from uplink rep to nic profile for example.\n\nThis resolves the following call trace:\n\nRTNL: assertion failed at net/core/dev.c (1953)\nWARNING: CPU: 6 PID: 112670 at net/core/dev.c:1953 call_netdevice_notifiers_info+0x7c/0x80\nModules linked in: sch_mqprio sch_mqprio_lib act_tunnel_key act_mirred act_skbedit cls_matchall nfnetlink_cttimeout act_gact cls_flower sch_ingress bonding ib_umad ip_gre rdma_ucm mlx5_vfio_pci ipip tunnel4 ip6_gre gre mlx5_ib vfio_pci vfio_pci_core vfio_iommu_type1 ib_uverbs vfio mlx5_core ib_ipoib geneve nf_tables ip6_tunnel tunnel6 iptable_raw openvswitch nsh rpcrdma ib_iser libiscsi scsi_transport_iscsi rdma_cm iw_cm ib_cm ib_core xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xt_addrtype iptable_nat nf_nat br_netfilter rpcsec_gss_krb5 auth_rpcgss oid_registry overlay zram zsmalloc fuse [last unloaded: ib_uverbs]\nCPU: 6 PID: 112670 Comm: devlink Not tainted 6.4.0-rc7_for_upstream_min_debug_2023_06_28_17_02 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:call_netdevice_notifiers_info+0x7c/0x80\nCode: 90 ff 80 3d 2d 6b f7 00 00 75 c5 ba a1 07 00 00 48 c7 c6 e4 ce 0b 82 48 c7 c7 c8 f4 04 82 c6 05 11 6b f7 00 01 e8 a4 7c 8e ff \u003c0f\u003e 0b eb a2 0f 1f 44 00 00 55 48 89 e5 41 54 48 83 e4 f0 48 83 ec\nRSP: 0018:ffff8882a21c3948 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffffffff82e6f880 RCX: 0000000000000027\nRDX: ffff88885f99b5c8 RSI: 0000000000000001 RDI: ffff88885f99b5c0\nRBP: 0000000000000028 R08: ffff88887ffabaa8 R09: 0000000000000003\nR10: ffff88887fecbac0 R11: ffff88887ff7bac0 R12: ffff8882a21c3968\nR13: ffff88811c018940 R14: 0000000000000000 R15: ffff8881274401a0\nFS: 00007fe141c81800(0000) GS:ffff88885f980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f787c28b948 CR3: 000000014bcf3005 CR4: 0000000000370ea0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x79/0x120\n ? call_netdevice_notifiers_info+0x7c/0x80\n ? report_bug+0x17c/0x190\n ? handle_bug+0x3c/0x60\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? call_netdevice_notifiers_info+0x7c/0x80\n ? call_netdevice_notifiers_info+0x7c/0x80\n call_netdevice_notifiers+0x2e/0x50\n mlx5e_set_xdp_feature+0x21/0x50 [mlx5_core]\n mlx5e_nic_init+0xf1/0x1a0 [mlx5_core]\n mlx5e_netdev_init_profile+0x76/0x110 [mlx5_core]\n mlx5e_netdev_attach_profile+0x1f/0x90 [mlx5_core]\n mlx5e_netdev_change_profile+0x92/0x160 [mlx5_core]\n mlx5e_netdev_attach_nic_profile+0x1b/0x30 [mlx5_core]\n mlx5e_vport_rep_unload+0xaa/0xc0 [mlx5_core]\n __esw_offloads_unload_rep+0x52/0x60 [mlx5_core]\n mlx5_esw_offloads_rep_unload+0x52/0x70 [mlx5_core]\n esw_offloads_unload_rep+0x34/0x70 [mlx5_core]\n esw_offloads_disable+0x2b/0x90 [mlx5_core]\n mlx5_eswitch_disable_locked+0x1b9/0x210 [mlx5_core]\n mlx5_devlink_eswitch_mode_set+0xf5/0x630 [mlx5_core]\n ? devlink_get_from_attrs_lock+0x9e/0x110\n devlink_nl_cmd_eswitch_set_doit+0x60/0xe0\n genl_family_rcv_msg_doit.isra.0+0xc2/0x110\n genl_rcv_msg+0x17d/0x2b0\n ? devlink_get_from_attrs_lock+0x110/0x110\n ? devlink_nl_cmd_eswitch_get_doit+0x290/0x290\n ? devlink_pernet_pre_exit+0xf0/0xf0\n ? genl_family_rcv_msg_doit.isra.0+0x110/0x110\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1f6/0x2c0\n netlink_sendmsg+0x232/0x4a0\n sock_sendmsg+0x38/0x60\n ? _copy_from_user+0x2a/0x60\n __sys_sendto+0x110/0x160\n ? __count_memcg_events+0x48/0x90\n ? handle_mm_fault+0x161/0x260\n ? do_user_addr_fault+0x278/0x6e0\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\nRIP: 0033\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53632",
"url": "https://www.suse.com/security/cve/CVE-2023-53632"
},
{
"category": "external",
"summary": "SUSE Bug 1251269 for CVE-2023-53632",
"url": "https://bugzilla.suse.com/1251269"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53632"
},
{
"cve": "CVE-2023-53633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/qaic: Fix a leak in map_user_pages()\n\nIf get_user_pages_fast() allocates some pages but not as many as we\nwanted, then the current code leaks those pages. Call put_page() on\nthe pages before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53633",
"url": "https://www.suse.com/security/cve/CVE-2023-53633"
},
{
"category": "external",
"summary": "SUSE Bug 1251746 for CVE-2023-53633",
"url": "https://bugzilla.suse.com/1251746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53633"
},
{
"cve": "CVE-2023-53638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteon_ep: cancel queued works in probe error path\n\nIf it fails to get the devices\u0027s MAC address, octep_probe exits while\nleaving the delayed work intr_poll_task queued. When the work later\nruns, it\u0027s a use after free.\n\nMove the cancelation of intr_poll_task from octep_remove into\noctep_device_cleanup. This does not change anything in the octep_remove\nflow, but octep_device_cleanup is called also in the octep_probe error\npath, where the cancelation is needed.\n\nNote that the cancelation of ctrl_mbox_task has to follow\nintr_poll_task\u0027s, because the ctrl_mbox_task may be queued by\nintr_poll_task.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53638",
"url": "https://www.suse.com/security/cve/CVE-2023-53638"
},
{
"category": "external",
"summary": "SUSE Bug 1251328 for CVE-2023-53638",
"url": "https://bugzilla.suse.com/1251328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53638"
},
{
"cve": "CVE-2023-53645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Make bpf_refcount_acquire fallible for non-owning refs\n\nThis patch fixes an incorrect assumption made in the original\nbpf_refcount series [0], specifically that the BPF program calling\nbpf_refcount_acquire on some node can always guarantee that the node is\nalive. In that series, the patch adding failure behavior to rbtree_add\nand list_push_{front, back} breaks this assumption for non-owning\nreferences.\n\nConsider the following program:\n\n n = bpf_kptr_xchg(\u0026mapval, NULL);\n /* skip error checking */\n\n bpf_spin_lock(\u0026l);\n if(bpf_rbtree_add(\u0026t, \u0026n-\u003erb, less)) {\n bpf_refcount_acquire(n);\n /* Failed to add, do something else with the node */\n }\n bpf_spin_unlock(\u0026l);\n\nIt\u0027s incorrect to assume that bpf_refcount_acquire will always succeed in this\nscenario. bpf_refcount_acquire is being called in a critical section\nhere, but the lock being held is associated with rbtree t, which isn\u0027t\nnecessarily the lock associated with the tree that the node is already\nin. So after bpf_rbtree_add fails to add the node and calls bpf_obj_drop\nin it, the program has no ownership of the node\u0027s lifetime. Therefore\nthe node\u0027s refcount can be decr\u0027d to 0 at any time after the failing\nrbtree_add. If this happens before the refcount_acquire above, the node\nmight be free\u0027d, and regardless refcount_acquire will be incrementing a\n0 refcount.\n\nLater patches in the series exercise this scenario, resulting in the\nexpected complaint from the kernel (without this patch\u0027s changes):\n\n refcount_t: addition on 0; use-after-free.\n WARNING: CPU: 1 PID: 207 at lib/refcount.c:25 refcount_warn_saturate+0xbc/0x110\n Modules linked in: bpf_testmod(O)\n CPU: 1 PID: 207 Comm: test_progs Tainted: G O 6.3.0-rc7-02231-g723de1a718a2-dirty #371\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.15.0-0-g2dd4b9b3f840-prebuilt.qemu.org 04/01/2014\n RIP: 0010:refcount_warn_saturate+0xbc/0x110\n Code: 6f 64 f6 02 01 e8 84 a3 5c ff 0f 0b eb 9d 80 3d 5e 64 f6 02 00 75 94 48 c7 c7 e0 13 d2 82 c6 05 4e 64 f6 02 01 e8 64 a3 5c ff \u003c0f\u003e 0b e9 7a ff ff ff 80 3d 38 64 f6 02 00 0f 85 6d ff ff ff 48 c7\n RSP: 0018:ffff88810b9179b0 EFLAGS: 00010082\n RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000\n RDX: 0000000000000202 RSI: 0000000000000008 RDI: ffffffff857c3680\n RBP: ffff88810027d3c0 R08: ffffffff8125f2a4 R09: ffff88810b9176e7\n R10: ffffed1021722edc R11: 746e756f63666572 R12: ffff88810027d388\n R13: ffff88810027d3c0 R14: ffffc900005fe030 R15: ffffc900005fe048\n FS: 00007fee0584a700(0000) GS:ffff88811b280000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00005634a96f6c58 CR3: 0000000108ce9002 CR4: 0000000000770ee0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n bpf_refcount_acquire_impl+0xb5/0xc0\n\n (rest of output snipped)\n\nThe patch addresses this by changing bpf_refcount_acquire_impl to use\nrefcount_inc_not_zero instead of refcount_inc and marking\nbpf_refcount_acquire KF_RET_NULL.\n\nFor owning references, though, we know the above scenario is not possible\nand thus that bpf_refcount_acquire will always succeed. Some verifier\nbookkeeping is added to track \"is input owning ref?\" for bpf_refcount_acquire\ncalls and return false from is_kfunc_ret_null for bpf_refcount_acquire on\nowning refs despite it being marked KF_RET_NULL.\n\nExisting selftests using bpf_refcount_acquire are modified where\nnecessary to NULL-check its return value.\n\n [0]: https://lore.kernel.org/bpf/20230415201811.343116-1-davemarchevsky@fb.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53645",
"url": "https://www.suse.com/security/cve/CVE-2023-53645"
},
{
"category": "external",
"summary": "SUSE Bug 1251321 for CVE-2023-53645",
"url": "https://bugzilla.suse.com/1251321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53645"
},
{
"cve": "CVE-2023-53646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53646"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/perf: add sentinel to xehp_oa_b_counters\n\nArrays passed to reg_in_range_table should end with empty record.\n\nThe patch solves KASAN detected bug with signature:\nBUG: KASAN: global-out-of-bounds in xehp_is_valid_b_counter_addr+0x2c7/0x350 [i915]\nRead of size 4 at addr ffffffffa1555d90 by task perf/1518\n\nCPU: 4 PID: 1518 Comm: perf Tainted: G U 6.4.0-kasan_438-g3303d06107f3+ #1\nHardware name: Intel Corporation Meteor Lake Client Platform/MTL-P DDR5 SODIMM SBS RVP, BIOS MTLPFWI1.R00.3223.D80.2305311348 05/31/2023\nCall Trace:\n\u003cTASK\u003e\n...\nxehp_is_valid_b_counter_addr+0x2c7/0x350 [i915]\n\n(cherry picked from commit 2f42c5afb34b5696cf5fe79e744f99be9b218798)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53646",
"url": "https://www.suse.com/security/cve/CVE-2023-53646"
},
{
"category": "external",
"summary": "SUSE Bug 1251742 for CVE-2023-53646",
"url": "https://bugzilla.suse.com/1251742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53646"
},
{
"cve": "CVE-2023-53647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Don\u0027t dereference ACPI root object handle\n\nSince the commit referenced in the Fixes: tag below the VMBus client driver\nis walking the ACPI namespace up from the VMBus ACPI device to the ACPI\nnamespace root object trying to find Hyper-V MMIO ranges.\n\nHowever, if it is not able to find them it ends trying to walk resources of\nthe ACPI namespace root object itself.\nThis object has all-ones handle, which causes a NULL pointer dereference\nin the ACPI code (from dereferencing this pointer with an offset).\n\nThis in turn causes an oops on boot with VMBus host implementations that do\nnot provide Hyper-V MMIO ranges in their VMBus ACPI device or its\nancestors.\nThe QEMU VMBus implementation is an example of such implementation.\n\nI guess providing these ranges is optional, since all tested Windows\nversions seem to be able to use VMBus devices without them.\n\nFix this by explicitly terminating the lookup at the ACPI namespace root\nobject.\n\nNote that Linux guests under KVM/QEMU do not use the Hyper-V PV interface\nby default - they only do so if the KVM PV interface is missing or\ndisabled.\n\nExample stack trace of such oops:\n[ 3.710827] ? __die+0x1f/0x60\n[ 3.715030] ? page_fault_oops+0x159/0x460\n[ 3.716008] ? exc_page_fault+0x73/0x170\n[ 3.716959] ? asm_exc_page_fault+0x22/0x30\n[ 3.717957] ? acpi_ns_lookup+0x7a/0x4b0\n[ 3.718898] ? acpi_ns_internalize_name+0x79/0xc0\n[ 3.720018] acpi_ns_get_node_unlocked+0xb5/0xe0\n[ 3.721120] ? acpi_ns_check_object_type+0xfe/0x200\n[ 3.722285] ? acpi_rs_convert_aml_to_resource+0x37/0x6e0\n[ 3.723559] ? down_timeout+0x3a/0x60\n[ 3.724455] ? acpi_ns_get_node+0x3a/0x60\n[ 3.725412] acpi_ns_get_node+0x3a/0x60\n[ 3.726335] acpi_ns_evaluate+0x1c3/0x2c0\n[ 3.727295] acpi_ut_evaluate_object+0x64/0x1b0\n[ 3.728400] acpi_rs_get_method_data+0x2b/0x70\n[ 3.729476] ? vmbus_platform_driver_probe+0x1d0/0x1d0 [hv_vmbus]\n[ 3.730940] ? vmbus_platform_driver_probe+0x1d0/0x1d0 [hv_vmbus]\n[ 3.732411] acpi_walk_resources+0x78/0xd0\n[ 3.733398] vmbus_platform_driver_probe+0x9f/0x1d0 [hv_vmbus]\n[ 3.734802] platform_probe+0x3d/0x90\n[ 3.735684] really_probe+0x19b/0x400\n[ 3.736570] ? __device_attach_driver+0x100/0x100\n[ 3.737697] __driver_probe_device+0x78/0x160\n[ 3.738746] driver_probe_device+0x1f/0x90\n[ 3.739743] __driver_attach+0xc2/0x1b0\n[ 3.740671] bus_for_each_dev+0x70/0xc0\n[ 3.741601] bus_add_driver+0x10e/0x210\n[ 3.742527] driver_register+0x55/0xf0\n[ 3.744412] ? 0xffffffffc039a000\n[ 3.745207] hv_acpi_init+0x3c/0x1000 [hv_vmbus]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53647",
"url": "https://www.suse.com/security/cve/CVE-2023-53647"
},
{
"category": "external",
"summary": "SUSE Bug 1251732 for CVE-2023-53647",
"url": "https://bugzilla.suse.com/1251732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53647"
},
{
"cve": "CVE-2023-53648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer\n\nsmatch error:\nsound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error:\nwe previously assumed \u0027rac97\u0027 could be null (see line 2072)\n\nremove redundant assignment, return error if rac97 is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53648",
"url": "https://www.suse.com/security/cve/CVE-2023-53648"
},
{
"category": "external",
"summary": "SUSE Bug 1251750 for CVE-2023-53648",
"url": "https://bugzilla.suse.com/1251750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53648"
},
{
"cve": "CVE-2023-53649",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53649"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf trace: Really free the evsel-\u003epriv area\n\nIn 3cb4d5e00e037c70 (\"perf trace: Free syscall tp fields in\nevsel-\u003epriv\") it only was freeing if strcmp(evsel-\u003etp_format-\u003esystem,\n\"syscalls\") returned zero, while the corresponding initialization of\nevsel-\u003epriv was being performed if it was _not_ zero, i.e. if the tp\nsystem wasn\u0027t \u0027syscalls\u0027.\n\nJust stop looking for that and free it if evsel-\u003epriv was set, which\nshould be equivalent.\n\nAlso use the pre-existing evsel_trace__delete() function.\n\nThis resolves these leaks, detected with:\n\n $ make EXTRA_CFLAGS=\"-fsanitize=address\" BUILD_BPF_SKEL=1 CORESIGHT=1 O=/tmp/build/perf-tools-next -C tools/perf install-bin\n\n =================================================================\n ==481565==ERROR: LeakSanitizer: detected memory leaks\n\n Direct leak of 40 byte(s) in 1 object(s) allocated from:\n #0 0x7f7343cba097 in calloc (/lib64/libasan.so.8+0xba097)\n #1 0x987966 in zalloc (/home/acme/bin/perf+0x987966)\n #2 0x52f9b9 in evsel_trace__new /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:307\n #3 0x52f9b9 in evsel__syscall_tp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:333\n #4 0x52f9b9 in evsel__init_raw_syscall_tp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:458\n #5 0x52f9b9 in perf_evsel__raw_syscall_newtp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:480\n #6 0x540e8b in trace__add_syscall_newtp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:3212\n #7 0x540e8b in trace__run /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:3891\n #8 0x540e8b in cmd_trace /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:5156\n #9 0x5ef262 in run_builtin /home/acme/git/perf-tools-next/tools/perf/perf.c:323\n #10 0x4196da in handle_internal_command /home/acme/git/perf-tools-next/tools/perf/perf.c:377\n #11 0x4196da in run_argv /home/acme/git/perf-tools-next/tools/perf/perf.c:421\n #12 0x4196da in main /home/acme/git/perf-tools-next/tools/perf/perf.c:537\n #13 0x7f7342c4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)\n\n Direct leak of 40 byte(s) in 1 object(s) allocated from:\n #0 0x7f7343cba097 in calloc (/lib64/libasan.so.8+0xba097)\n #1 0x987966 in zalloc (/home/acme/bin/perf+0x987966)\n #2 0x52f9b9 in evsel_trace__new /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:307\n #3 0x52f9b9 in evsel__syscall_tp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:333\n #4 0x52f9b9 in evsel__init_raw_syscall_tp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:458\n #5 0x52f9b9 in perf_evsel__raw_syscall_newtp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:480\n #6 0x540dd1 in trace__add_syscall_newtp /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:3205\n #7 0x540dd1 in trace__run /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:3891\n #8 0x540dd1 in cmd_trace /home/acme/git/perf-tools-next/tools/perf/builtin-trace.c:5156\n #9 0x5ef262 in run_builtin /home/acme/git/perf-tools-next/tools/perf/perf.c:323\n #10 0x4196da in handle_internal_command /home/acme/git/perf-tools-next/tools/perf/perf.c:377\n #11 0x4196da in run_argv /home/acme/git/perf-tools-next/tools/perf/perf.c:421\n #12 0x4196da in main /home/acme/git/perf-tools-next/tools/perf/perf.c:537\n #13 0x7f7342c4a50f in __libc_start_call_main (/lib64/libc.so.6+0x2750f)\n\n SUMMARY: AddressSanitizer: 80 byte(s) leaked in 2 allocation(s).\n [root@quaco ~]#\n\nWith this we plug all leaks with \"perf trace sleep 1\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53649",
"url": "https://www.suse.com/security/cve/CVE-2023-53649"
},
{
"category": "external",
"summary": "SUSE Bug 1251749 for CVE-2023-53649",
"url": "https://bugzilla.suse.com/1251749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53649"
},
{
"cve": "CVE-2023-53650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe()\n\nIf \u0027mipid_detect()\u0027 fails, we must free \u0027md\u0027 to avoid a memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53650",
"url": "https://www.suse.com/security/cve/CVE-2023-53650"
},
{
"category": "external",
"summary": "SUSE Bug 1251283 for CVE-2023-53650",
"url": "https://bugzilla.suse.com/1251283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53650"
},
{
"cve": "CVE-2023-53652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvdpa: Add features attr to vdpa_nl_policy for nlattr length check\n\nThe vdpa_nl_policy structure is used to validate the nlattr when parsing\nthe incoming nlmsg. It will ensure the attribute being described produces\na valid nlattr pointer in info-\u003eattrs before entering into each handler\nin vdpa_nl_ops.\n\nThat is to say, the missing part in vdpa_nl_policy may lead to illegal\nnlattr after parsing, which could lead to OOB read just like CVE-2023-3773.\n\nThis patch adds the missing nla_policy for vdpa features attr to avoid\nsuch bugs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53652",
"url": "https://www.suse.com/security/cve/CVE-2023-53652"
},
{
"category": "external",
"summary": "SUSE Bug 1251754 for CVE-2023-53652",
"url": "https://bugzilla.suse.com/1251754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53652"
},
{
"cve": "CVE-2023-53653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: amphion: fix REVERSE_INULL issues reported by coverity\n\nnull-checking of a pointor is suggested before dereferencing it",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53653",
"url": "https://www.suse.com/security/cve/CVE-2023-53653"
},
{
"category": "external",
"summary": "SUSE Bug 1251755 for CVE-2023-53653",
"url": "https://bugzilla.suse.com/1251755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53653"
},
{
"cve": "CVE-2023-53654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53654"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Add validation before accessing cgx and lmac\n\nwith the addition of new MAC blocks like CN10K RPM and CN10KB\nRPM_USX, LMACs are noncontiguous and CGX blocks are also\nnoncontiguous. But during RVU driver initialization, the driver\nis assuming they are contiguous and trying to access\ncgx or lmac with their id which is resulting in kernel panic.\n\nThis patch fixes the issue by adding proper checks.\n\n[ 23.219150] pc : cgx_lmac_read+0x38/0x70\n[ 23.219154] lr : rvu_program_channels+0x3f0/0x498\n[ 23.223852] sp : ffff000100d6fc80\n[ 23.227158] x29: ffff000100d6fc80 x28: ffff00010009f880 x27:\n000000000000005a\n[ 23.234288] x26: ffff000102586768 x25: 0000000000002500 x24:\nfffffffffff0f000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53654",
"url": "https://www.suse.com/security/cve/CVE-2023-53654"
},
{
"category": "external",
"summary": "SUSE Bug 1251756 for CVE-2023-53654",
"url": "https://bugzilla.suse.com/1251756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53654"
},
{
"cve": "CVE-2023-53656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: Don\u0027t migrate perf to the CPU going to teardown\n\nThe driver needs to migrate the perf context if the current using CPU going\nto teardown. By the time calling the cpuhp::teardown() callback the\ncpu_online_mask() hasn\u0027t updated yet and still includes the CPU going to\nteardown. In current driver\u0027s implementation we may migrate the context\nto the teardown CPU and leads to the below calltrace:\n\n...\n[ 368.104662][ T932] task:cpuhp/0 state:D stack: 0 pid: 15 ppid: 2 flags:0x00000008\n[ 368.113699][ T932] Call trace:\n[ 368.116834][ T932] __switch_to+0x7c/0xbc\n[ 368.120924][ T932] __schedule+0x338/0x6f0\n[ 368.125098][ T932] schedule+0x50/0xe0\n[ 368.128926][ T932] schedule_preempt_disabled+0x18/0x24\n[ 368.134229][ T932] __mutex_lock.constprop.0+0x1d4/0x5dc\n[ 368.139617][ T932] __mutex_lock_slowpath+0x1c/0x30\n[ 368.144573][ T932] mutex_lock+0x50/0x60\n[ 368.148579][ T932] perf_pmu_migrate_context+0x84/0x2b0\n[ 368.153884][ T932] hisi_pcie_pmu_offline_cpu+0x90/0xe0 [hisi_pcie_pmu]\n[ 368.160579][ T932] cpuhp_invoke_callback+0x2a0/0x650\n[ 368.165707][ T932] cpuhp_thread_fun+0xe4/0x190\n[ 368.170316][ T932] smpboot_thread_fn+0x15c/0x1a0\n[ 368.175099][ T932] kthread+0x108/0x13c\n[ 368.179012][ T932] ret_from_fork+0x10/0x18\n...\n\nUse function cpumask_any_but() to find one correct active cpu to fixes\nthis issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53656",
"url": "https://www.suse.com/security/cve/CVE-2023-53656"
},
{
"category": "external",
"summary": "SUSE Bug 1251758 for CVE-2023-53656",
"url": "https://bugzilla.suse.com/1251758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53656"
},
{
"cve": "CVE-2023-53657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: Don\u0027t tx before switchdev is fully configured\n\nThere is possibility that ice_eswitch_port_start_xmit might be\ncalled while some resources are still not allocated which might\ncause NULL pointer dereference. Fix this by checking if switchdev\nconfiguration was finished.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53657",
"url": "https://www.suse.com/security/cve/CVE-2023-53657"
},
{
"category": "external",
"summary": "SUSE Bug 1251319 for CVE-2023-53657",
"url": "https://bugzilla.suse.com/1251319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53657"
},
{
"cve": "CVE-2023-53658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: bcm-qspi: return error if neither hif_mspi nor mspi is available\n\nIf neither a \"hif_mspi\" nor \"mspi\" resource is present, the driver will\njust early exit in probe but still return success. Apart from not doing\nanything meaningful, this would then also lead to a null pointer access\non removal, as platform_get_drvdata() would return NULL, which it would\nthen try to dereference when trying to unregister the spi master.\n\nFix this by unconditionally calling devm_ioremap_resource(), as it can\nhandle a NULL res and will then return a viable ERR_PTR() if we get one.\n\nThe \"return 0;\" was previously a \"goto qspi_resource_err;\" where then\nret was returned, but since ret was still initialized to 0 at this place\nthis was a valid conversion in 63c5395bb7a9 (\"spi: bcm-qspi: Fix\nuse-after-free on unbind\"). The issue was not introduced by this commit,\nonly made more obvious.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53658",
"url": "https://www.suse.com/security/cve/CVE-2023-53658"
},
{
"category": "external",
"summary": "SUSE Bug 1251759 for CVE-2023-53658",
"url": "https://bugzilla.suse.com/1251759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53658"
},
{
"cve": "CVE-2023-53659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niavf: Fix out-of-bounds when setting channels on remove\n\nIf we set channels greater during iavf_remove(), and waiting reset done\nwould be timeout, then returned with error but changed num_active_queues\ndirectly, that will lead to OOB like the following logs. Because the\nnum_active_queues is greater than tx/rx_rings[] allocated actually.\n\nReproducer:\n\n [root@host ~]# cat repro.sh\n #!/bin/bash\n\n pf_dbsf=\"0000:41:00.0\"\n vf0_dbsf=\"0000:41:02.0\"\n g_pids=()\n\n function do_set_numvf()\n {\n echo 2 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n echo 0 \u003e/sys/bus/pci/devices/${pf_dbsf}/sriov_numvfs\n sleep $((RANDOM%3+1))\n }\n\n function do_set_channel()\n {\n local nic=$(ls -1 --indicator-style=none /sys/bus/pci/devices/${vf0_dbsf}/net/)\n [ -z \"$nic\" ] \u0026\u0026 { sleep $((RANDOM%3)) ; return 1; }\n ifconfig $nic 192.168.18.5 netmask 255.255.255.0\n ifconfig $nic up\n ethtool -L $nic combined 1\n ethtool -L $nic combined 4\n sleep $((RANDOM%3))\n }\n\n function on_exit()\n {\n local pid\n for pid in \"${g_pids[@]}\"; do\n kill -0 \"$pid\" \u0026\u003e/dev/null \u0026\u0026 kill \"$pid\" \u0026\u003e/dev/null\n done\n g_pids=()\n }\n\n trap \"on_exit; exit\" EXIT\n\n while :; do do_set_numvf ; done \u0026\n g_pids+=($!)\n while :; do do_set_channel ; done \u0026\n g_pids+=($!)\n\n wait\n\nResult:\n\n[ 3506.152887] iavf 0000:41:02.0: Removing device\n[ 3510.400799] ==================================================================\n[ 3510.400820] BUG: KASAN: slab-out-of-bounds in iavf_free_all_tx_resources+0x156/0x160 [iavf]\n[ 3510.400823] Read of size 8 at addr ffff88b6f9311008 by task repro.sh/55536\n[ 3510.400823]\n[ 3510.400830] CPU: 101 PID: 55536 Comm: repro.sh Kdump: loaded Tainted: G O --------- -t - 4.18.0 #1\n[ 3510.400832] Hardware name: Powerleader PR2008AL/H12DSi-N6, BIOS 2.0 04/09/2021\n[ 3510.400835] Call Trace:\n[ 3510.400851] dump_stack+0x71/0xab\n[ 3510.400860] print_address_description+0x6b/0x290\n[ 3510.400865] ? iavf_free_all_tx_resources+0x156/0x160 [iavf]\n[ 3510.400868] kasan_report+0x14a/0x2b0\n[ 3510.400873] iavf_free_all_tx_resources+0x156/0x160 [iavf]\n[ 3510.400880] iavf_remove+0x2b6/0xc70 [iavf]\n[ 3510.400884] ? iavf_free_all_rx_resources+0x160/0x160 [iavf]\n[ 3510.400891] ? wait_woken+0x1d0/0x1d0\n[ 3510.400895] ? notifier_call_chain+0xc1/0x130\n[ 3510.400903] pci_device_remove+0xa8/0x1f0\n[ 3510.400910] device_release_driver_internal+0x1c6/0x460\n[ 3510.400916] pci_stop_bus_device+0x101/0x150\n[ 3510.400919] pci_stop_and_remove_bus_device+0xe/0x20\n[ 3510.400924] pci_iov_remove_virtfn+0x187/0x420\n[ 3510.400927] ? pci_iov_add_virtfn+0xe10/0xe10\n[ 3510.400929] ? pci_get_subsys+0x90/0x90\n[ 3510.400932] sriov_disable+0xed/0x3e0\n[ 3510.400936] ? bus_find_device+0x12d/0x1a0\n[ 3510.400953] i40e_free_vfs+0x754/0x1210 [i40e]\n[ 3510.400966] ? i40e_reset_all_vfs+0x880/0x880 [i40e]\n[ 3510.400968] ? pci_get_device+0x7c/0x90\n[ 3510.400970] ? pci_get_subsys+0x90/0x90\n[ 3510.400982] ? pci_vfs_assigned.part.7+0x144/0x210\n[ 3510.400987] ? __mutex_lock_slowpath+0x10/0x10\n[ 3510.400996] i40e_pci_sriov_configure+0x1fa/0x2e0 [i40e]\n[ 3510.401001] sriov_numvfs_store+0x214/0x290\n[ 3510.401005] ? sriov_totalvfs_show+0x30/0x30\n[ 3510.401007] ? __mutex_lock_slowpath+0x10/0x10\n[ 3510.401011] ? __check_object_size+0x15a/0x350\n[ 3510.401018] kernfs_fop_write+0x280/0x3f0\n[ 3510.401022] vfs_write+0x145/0x440\n[ 3510.401025] ksys_write+0xab/0x160\n[ 3510.401028] ? __ia32_sys_read+0xb0/0xb0\n[ 3510.401031] ? fput_many+0x1a/0x120\n[ 3510.401032] ? filp_close+0xf0/0x130\n[ 3510.401038] do_syscall_64+0xa0/0x370\n[ 3510.401041] ? page_fault+0x8/0x30\n[ 3510.401043] entry_SYSCALL_64_after_hwframe+0x65/0xca\n[ 3510.401073] RIP: 0033:0x7f3a9bb842c0\n[ 3510.401079] Code: 73 01 c3 48 8b 0d d8 cb 2c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 24 2d 00 00 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53659",
"url": "https://www.suse.com/security/cve/CVE-2023-53659"
},
{
"category": "external",
"summary": "SUSE Bug 1251247 for CVE-2023-53659",
"url": "https://bugzilla.suse.com/1251247"
},
{
"category": "external",
"summary": "SUSE Bug 1251248 for CVE-2023-53659",
"url": "https://bugzilla.suse.com/1251248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2023-53659"
},
{
"cve": "CVE-2023-53660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, cpumap: Handle skb as well when clean up ptr_ring\n\nThe following warning was reported when running xdp_redirect_cpu with\nboth skb-mode and stress-mode enabled:\n\n ------------[ cut here ]------------\n Incorrect XDP memory type (-2128176192) usage\n WARNING: CPU: 7 PID: 1442 at net/core/xdp.c:405\n Modules linked in:\n CPU: 7 PID: 1442 Comm: kworker/7:0 Tainted: G 6.5.0-rc2+ #1\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n Workqueue: events __cpu_map_entry_free\n RIP: 0010:__xdp_return+0x1e4/0x4a0\n ......\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x65/0x70\n ? __warn+0xa5/0x240\n ? __xdp_return+0x1e4/0x4a0\n ......\n xdp_return_frame+0x4d/0x150\n __cpu_map_entry_free+0xf9/0x230\n process_one_work+0x6b0/0xb80\n worker_thread+0x96/0x720\n kthread+0x1a5/0x1f0\n ret_from_fork+0x3a/0x70\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nThe reason for the warning is twofold. One is due to the kthread\ncpu_map_kthread_run() is stopped prematurely. Another one is\n__cpu_map_ring_cleanup() doesn\u0027t handle skb mode and treats skbs in\nptr_ring as XDP frames.\n\nPrematurely-stopped kthread will be fixed by the preceding patch and\nptr_ring will be empty when __cpu_map_ring_cleanup() is called. But\nas the comments in __cpu_map_ring_cleanup() said, handling and freeing\nskbs in ptr_ring as well to \"catch any broken behaviour gracefully\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53660",
"url": "https://www.suse.com/security/cve/CVE-2023-53660"
},
{
"category": "external",
"summary": "SUSE Bug 1251721 for CVE-2023-53660",
"url": "https://bugzilla.suse.com/1251721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53660"
},
{
"cve": "CVE-2023-53662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix memory leaks in ext4_fname_{setup_filename,prepare_lookup}\n\nIf the filename casefolding fails, we\u0027ll be leaking memory from the\nfscrypt_name struct, namely from the \u0027crypto_buf.name\u0027 member.\n\nMake sure we free it in the error path on both ext4_fname_setup_filename()\nand ext4_fname_prepare_lookup() functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53662",
"url": "https://www.suse.com/security/cve/CVE-2023-53662"
},
{
"category": "external",
"summary": "SUSE Bug 1251282 for CVE-2023-53662",
"url": "https://bugzilla.suse.com/1251282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53662"
},
{
"cve": "CVE-2023-53663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: nSVM: Check instead of asserting on nested TSC scaling support\n\nCheck for nested TSC scaling support on nested SVM VMRUN instead of\nasserting that TSC scaling is exposed to L1 if L1\u0027s MSR_AMD64_TSC_RATIO\nhas diverged from KVM\u0027s default. Userspace can trigger the WARN at will\nby writing the MSR and then updating guest CPUID to hide the feature\n(modifying guest CPUID is allowed anytime before KVM_RUN). E.g. hacking\nKVM\u0027s state_test selftest to do\n\n\t\tvcpu_set_msr(vcpu, MSR_AMD64_TSC_RATIO, 0);\n\t\tvcpu_clear_cpuid_feature(vcpu, X86_FEATURE_TSCRATEMSR);\n\nafter restoring state in a new VM+vCPU yields an endless supply of:\n\n ------------[ cut here ]------------\n WARNING: CPU: 164 PID: 62565 at arch/x86/kvm/svm/nested.c:699\n nested_vmcb02_prepare_control+0x3d6/0x3f0 [kvm_amd]\n Call Trace:\n \u003cTASK\u003e\n enter_svm_guest_mode+0x114/0x560 [kvm_amd]\n nested_svm_vmrun+0x260/0x330 [kvm_amd]\n vmrun_interception+0x29/0x30 [kvm_amd]\n svm_invoke_exit_handler+0x35/0x100 [kvm_amd]\n svm_handle_exit+0xe7/0x180 [kvm_amd]\n kvm_arch_vcpu_ioctl_run+0x1eab/0x2570 [kvm]\n kvm_vcpu_ioctl+0x4c9/0x5b0 [kvm]\n __se_sys_ioctl+0x7a/0xc0\n __x64_sys_ioctl+0x21/0x30\n do_syscall_64+0x41/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n RIP: 0033:0x45ca1b\n\nNote, the nested #VMEXIT path has the same flaw, but needs a different\nfix and will be handled separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53663",
"url": "https://www.suse.com/security/cve/CVE-2023-53663"
},
{
"category": "external",
"summary": "SUSE Bug 1251290 for CVE-2023-53663",
"url": "https://bugzilla.suse.com/1251290"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53663"
},
{
"cve": "CVE-2023-53665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: don\u0027t dereference mddev after export_rdev()\n\nExcept for initial reference, mddev-\u003ekobject is referenced by\nrdev-\u003ekobject, and if the last rdev is freed, there is no guarantee that\nmddev is still valid. Hence mddev should not be used anymore after\nexport_rdev().\n\nThis problem can be triggered by following test for mdadm at very\nlow rate:\n\nNew file: mdadm/tests/23rdev-lifetime\n\ndevname=${dev0##*/}\ndevt=`cat /sys/block/$devname/dev`\npid=\"\"\nruntime=2\n\nclean_up_test() {\n pill -9 $pid\n echo clear \u003e /sys/block/md0/md/array_state\n}\n\ntrap \u0027clean_up_test\u0027 EXIT\n\nadd_by_sysfs() {\n while true; do\n echo $devt \u003e /sys/block/md0/md/new_dev\n done\n}\n\nremove_by_sysfs(){\n while true; do\n echo remove \u003e /sys/block/md0/md/dev-${devname}/state\n done\n}\n\necho md0 \u003e /sys/module/md_mod/parameters/new_array || die \"create md0 failed\"\n\nadd_by_sysfs \u0026\npid=\"$pid $!\"\n\nremove_by_sysfs \u0026\npid=\"$pid $!\"\n\nsleep $runtime\nexit 0\n\nTest cmd:\n\n./test --save-logs --logdir=/tmp/ --keep-going --dev=loop --tests=23rdev-lifetime\n\nTest result:\n\ngeneral protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6bcb: 0000 [#4] PREEMPT SMP\nCPU: 0 PID: 1292 Comm: test Tainted: G D W 6.5.0-rc2-00121-g01e55c376936 #562\nRIP: 0010:md_wakeup_thread+0x9e/0x320 [md_mod]\nCall Trace:\n \u003cTASK\u003e\n mddev_unlock+0x1b6/0x310 [md_mod]\n rdev_attr_store+0xec/0x190 [md_mod]\n sysfs_kf_write+0x52/0x70\n kernfs_fop_write_iter+0x19a/0x2a0\n vfs_write+0x3b5/0x770\n ksys_write+0x74/0x150\n __x64_sys_write+0x22/0x30\n do_syscall_64+0x40/0x90\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nFix this problem by don\u0027t dereference mddev after export_rdev().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53665",
"url": "https://www.suse.com/security/cve/CVE-2023-53665"
},
{
"category": "external",
"summary": "SUSE Bug 1251270 for CVE-2023-53665",
"url": "https://bugzilla.suse.com/1251270"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53665"
},
{
"cve": "CVE-2023-53666",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53666"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: codecs: wcd938x: fix missing mbhc init error handling\n\nMBHC initialisation can fail so add the missing error handling to avoid\ndereferencing an error pointer when later configuring the jack:\n\n Unable to handle kernel paging request at virtual address fffffffffffffff8\n\n pc : wcd_mbhc_start+0x28/0x380 [snd_soc_wcd_mbhc]\n lr : wcd938x_codec_set_jack+0x28/0x48 [snd_soc_wcd938x]\n\n Call trace:\n wcd_mbhc_start+0x28/0x380 [snd_soc_wcd_mbhc]\n wcd938x_codec_set_jack+0x28/0x48 [snd_soc_wcd938x]\n snd_soc_component_set_jack+0x28/0x8c [snd_soc_core]\n qcom_snd_wcd_jack_setup+0x7c/0x19c [snd_soc_qcom_common]\n sc8280xp_snd_init+0x20/0x2c [snd_soc_sc8280xp]\n snd_soc_link_init+0x28/0x90 [snd_soc_core]\n snd_soc_bind_card+0x628/0xbfc [snd_soc_core]\n snd_soc_register_card+0xec/0x104 [snd_soc_core]\n devm_snd_soc_register_card+0x4c/0xa4 [snd_soc_core]\n sc8280xp_platform_probe+0xf0/0x108 [snd_soc_sc8280xp]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53666",
"url": "https://www.suse.com/security/cve/CVE-2023-53666"
},
{
"category": "external",
"summary": "SUSE Bug 1251760 for CVE-2023-53666",
"url": "https://bugzilla.suse.com/1251760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53666"
},
{
"cve": "CVE-2023-53668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53668"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix deadloop issue on reading trace_pipe\n\nSoft lockup occurs when reading file \u0027trace_pipe\u0027:\n\n watchdog: BUG: soft lockup - CPU#6 stuck for 22s! [cat:4488]\n [...]\n RIP: 0010:ring_buffer_empty_cpu+0xed/0x170\n RSP: 0018:ffff88810dd6fc48 EFLAGS: 00000246\n RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff93d1aaeb\n RDX: ffff88810a280040 RSI: 0000000000000008 RDI: ffff88811164b218\n RBP: ffff88811164b218 R08: 0000000000000000 R09: ffff88815156600f\n R10: ffffed102a2acc01 R11: 0000000000000001 R12: 0000000051651901\n R13: 0000000000000000 R14: ffff888115e49500 R15: 0000000000000000\n [...]\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f8d853c2000 CR3: 000000010dcd8000 CR4: 00000000000006e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n __find_next_entry+0x1a8/0x4b0\n ? peek_next_entry+0x250/0x250\n ? down_write+0xa5/0x120\n ? down_write_killable+0x130/0x130\n trace_find_next_entry_inc+0x3b/0x1d0\n tracing_read_pipe+0x423/0xae0\n ? tracing_splice_read_pipe+0xcb0/0xcb0\n vfs_read+0x16b/0x490\n ksys_read+0x105/0x210\n ? __ia32_sys_pwrite64+0x200/0x200\n ? switch_fpu_return+0x108/0x220\n do_syscall_64+0x33/0x40\n entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nThrough the vmcore, I found it\u0027s because in tracing_read_pipe(),\nring_buffer_empty_cpu() found some buffer is not empty but then it\ncannot read anything due to \"rb_num_of_entries() == 0\" always true,\nThen it infinitely loop the procedure due to user buffer not been\nfilled, see following code path:\n\n tracing_read_pipe() {\n ... ...\n waitagain:\n tracing_wait_pipe() // 1. find non-empty buffer here\n trace_find_next_entry_inc() // 2. loop here try to find an entry\n __find_next_entry()\n ring_buffer_empty_cpu(); // 3. find non-empty buffer\n peek_next_entry() // 4. but peek always return NULL\n ring_buffer_peek()\n rb_buffer_peek()\n rb_get_reader_page()\n // 5. because rb_num_of_entries() == 0 always true here\n // then return NULL\n // 6. user buffer not been filled so goto \u0027waitgain\u0027\n // and eventually leads to an deadloop in kernel!!!\n }\n\nBy some analyzing, I found that when resetting ringbuffer, the \u0027entries\u0027\nof its pages are not all cleared (see rb_reset_cpu()). Then when reducing\nthe ringbuffer, and if some reduced pages exist dirty \u0027entries\u0027 data, they\nwill be added into \u0027cpu_buffer-\u003eoverrun\u0027 (see rb_remove_pages()), which\ncause wrong \u0027overrun\u0027 count and eventually cause the deadloop issue.\n\nTo fix it, we need to clear every pages in rb_reset_cpu().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53668",
"url": "https://www.suse.com/security/cve/CVE-2023-53668"
},
{
"category": "external",
"summary": "SUSE Bug 1251286 for CVE-2023-53668",
"url": "https://bugzilla.suse.com/1251286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53668"
},
{
"cve": "CVE-2023-53670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-core: fix dev_pm_qos memleak\n\nCall dev_pm_qos_hide_latency_tolerance() in the error unwind patch to\navoid following kmemleak:-\n\nblktests (master) # kmemleak-clear; ./check nvme/044;\nblktests (master) # kmemleak-scan ; kmemleak-show\nnvme/044 (Test bi-directional authentication) [passed]\n runtime 2.111s ... 2.124s\nunreferenced object 0xffff888110c46240 (size 96):\n comm \"nvme\", pid 33461, jiffies 4345365353 (age 75.586s)\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c0000000069ac2cec\u003e] kmalloc_trace+0x25/0x90\n [\u003c000000006acc66d5\u003e] dev_pm_qos_update_user_latency_tolerance+0x6f/0x100\n [\u003c00000000cc376ea7\u003e] nvme_init_ctrl+0x38e/0x410 [nvme_core]\n [\u003c000000007df61b4b\u003e] 0xffffffffc05e88b3\n [\u003c00000000d152b985\u003e] 0xffffffffc05744cb\n [\u003c00000000f04a4041\u003e] vfs_write+0xc5/0x3c0\n [\u003c00000000f9491baf\u003e] ksys_write+0x5f/0xe0\n [\u003c000000001c46513d\u003e] do_syscall_64+0x3b/0x90\n [\u003c00000000ecf348fe\u003e] entry_SYSCALL_64_after_hwframe+0x72/0xdc",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53670",
"url": "https://www.suse.com/security/cve/CVE-2023-53670"
},
{
"category": "external",
"summary": "SUSE Bug 1251762 for CVE-2023-53670",
"url": "https://bugzilla.suse.com/1251762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53670"
},
{
"cve": "CVE-2023-53672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: output extra debug info if we failed to find an inline backref\n\n[BUG]\nSyzbot reported several warning triggered inside\nlookup_inline_extent_backref().\n\n[CAUSE]\nAs usual, the reproducer doesn\u0027t reliably trigger locally here, but at\nleast we know the WARN_ON() is triggered when an inline backref can not\nbe found, and it can only be triggered when @insert is true. (I.e.\ninserting a new inline backref, which means the backref should already\nexist)\n\n[ENHANCEMENT]\nAfter the WARN_ON(), dump all the parameters and the extent tree\nleaf to help debug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53672",
"url": "https://www.suse.com/security/cve/CVE-2023-53672"
},
{
"category": "external",
"summary": "SUSE Bug 1251780 for CVE-2023-53672",
"url": "https://bugzilla.suse.com/1251780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53672"
},
{
"cve": "CVE-2023-53673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: call disconnect callback before deleting conn\n\nIn hci_cs_disconnect, we do hci_conn_del even if disconnection failed.\n\nISO, L2CAP and SCO connections refer to the hci_conn without\nhci_conn_get, so disconn_cfm must be called so they can clean up their\nconn, otherwise use-after-free occurs.\n\nISO:\n==========================================================\niso_sock_connect:880: sk 00000000eabd6557\niso_connect_cis:356: 70:1a:b8:98:ff:a2 -\u003e 28:3d:c2:4a:7e:da\n...\niso_conn_add:140: hcon 000000001696f1fd conn 00000000b6251073\nhci_dev_put:1487: hci0 orig refcnt 17\n__iso_chan_add:214: conn 00000000b6251073\niso_sock_clear_timer:117: sock 00000000eabd6557 state 3\n...\nhci_rx_work:4085: hci0 Event packet\nhci_event_packet:7601: hci0: event 0x0f\nhci_cmd_status_evt:4346: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3107: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon 000000001696f1fd handle 2560\nhci_conn_unlink:1102: hci0: hcon 000000001696f1fd\nhci_conn_drop:1451: hcon 00000000d8521aaf orig refcnt 2\nhci_chan_list_flush:2780: hcon 000000001696f1fd\nhci_dev_put:1487: hci0 orig refcnt 21\nhci_dev_put:1487: hci0 orig refcnt 20\nhci_req_cmd_complete:3978: opcode 0x0406 status 0x0c\n... \u003cno iso_* activity on sk/conn\u003e ...\niso_sock_sendmsg:1098: sock 00000000dea5e2e0, sk 00000000eabd6557\nBUG: kernel NULL pointer dereference, address: 0000000000000668\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nRIP: 0010:iso_sock_sendmsg (net/bluetooth/iso.c:1112) bluetooth\n==========================================================\n\nL2CAP:\n==================================================================\nhci_cmd_status_evt:4359: hci0: opcode 0x0406\nhci_cs_disconnect:2760: hci0: status 0x0c\nhci_sent_cmd_data:3085: hci0 opcode 0x0406\nhci_conn_del:1151: hci0 hcon ffff88800c999000 handle 3585\nhci_conn_unlink:1102: hci0: hcon ffff88800c999000\nhci_chan_list_flush:2780: hcon ffff88800c999000\nhci_chan_del:2761: hci0 hcon ffff88800c999000 chan ffff888018ddd280\n...\nBUG: KASAN: slab-use-after-free in hci_send_acl+0x2d/0x540 [bluetooth]\nRead of size 8 at addr ffff888018ddd298 by task bluetoothd/1175\n\nCPU: 0 PID: 1175 Comm: bluetoothd Tainted: G E 6.4.0-rc4+ #2\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-1.fc38 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0xf8/0x180\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n kasan_report+0xa8/0xe0\n ? hci_send_acl+0x2d/0x540 [bluetooth]\n hci_send_acl+0x2d/0x540 [bluetooth]\n ? __pfx___lock_acquire+0x10/0x10\n l2cap_chan_send+0x1fd/0x1300 [bluetooth]\n ? l2cap_sock_sendmsg+0xf2/0x170 [bluetooth]\n ? __pfx_l2cap_chan_send+0x10/0x10 [bluetooth]\n ? lock_release+0x1d5/0x3c0\n ? mark_held_locks+0x1a/0x90\n l2cap_sock_sendmsg+0x100/0x170 [bluetooth]\n sock_write_iter+0x275/0x280\n ? __pfx_sock_write_iter+0x10/0x10\n ? __pfx___lock_acquire+0x10/0x10\n do_iter_readv_writev+0x176/0x220\n ? __pfx_do_iter_readv_writev+0x10/0x10\n ? find_held_lock+0x83/0xa0\n ? selinux_file_permission+0x13e/0x210\n do_iter_write+0xda/0x340\n vfs_writev+0x1b4/0x400\n ? __pfx_vfs_writev+0x10/0x10\n ? __seccomp_filter+0x112/0x750\n ? populate_seccomp_data+0x182/0x220\n ? __fget_light+0xdf/0x100\n ? do_writev+0x19d/0x210\n do_writev+0x19d/0x210\n ? __pfx_do_writev+0x10/0x10\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0x60/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n ? do_syscall_64+0x6c/0x90\n ? lockdep_hardirqs_on_prepare+0x149/0x210\n entry_SYSCALL_64_after_hwframe+0x72/0xdc\nRIP: 0033:0x7ff45cb23e64\nCode: 15 d1 1f 0d 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 80 3d 9d a7 0d 00 00 74 13 b8 14 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89\nRSP: 002b:00007fff21ae09b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000014\nRAX: ffffffffffffffda RBX: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53673",
"url": "https://www.suse.com/security/cve/CVE-2023-53673"
},
{
"category": "external",
"summary": "SUSE Bug 1251763 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251763"
},
{
"category": "external",
"summary": "SUSE Bug 1251983 for CVE-2023-53673",
"url": "https://bugzilla.suse.com/1251983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2023-53673"
},
{
"cve": "CVE-2023-53674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Fix memory leak in devm_clk_notifier_register()\n\ndevm_clk_notifier_register() allocates a devres resource for clk\nnotifier but didn\u0027t register that to the device, so the notifier didn\u0027t\nget unregistered on device detach and the allocated resource was leaked.\n\nFix the issue by registering the resource through devres_add().\n\nThis issue was found with kmemleak on a Chromebook.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53674",
"url": "https://www.suse.com/security/cve/CVE-2023-53674"
},
{
"category": "external",
"summary": "SUSE Bug 1251764 for CVE-2023-53674",
"url": "https://bugzilla.suse.com/1251764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53674"
},
{
"cve": "CVE-2023-53681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: Fix __bch_btree_node_alloc to make the failure behavior consistent\n\nIn some specific situations, the return value of __bch_btree_node_alloc\nmay be NULL. This may lead to a potential NULL pointer dereference in\ncaller function like a calling chain :\nbtree_split-\u003ebch_btree_node_alloc-\u003e__bch_btree_node_alloc.\n\nFix it by initializing the return value in __bch_btree_node_alloc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53681",
"url": "https://www.suse.com/security/cve/CVE-2023-53681"
},
{
"category": "external",
"summary": "SUSE Bug 1251769 for CVE-2023-53681",
"url": "https://bugzilla.suse.com/1251769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53681"
},
{
"cve": "CVE-2023-53686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/handshake: fix null-ptr-deref in handshake_nl_done_doit()\n\nWe should not call trace_handshake_cmd_done_err() if socket lookup has failed.\n\nAlso we should call trace_handshake_cmd_done_err() before releasing the file,\notherwise dereferencing sock-\u003esk can return garbage.\n\nThis also reverts 7afc6d0a107f (\"net/handshake: Fix uninitialized local variable\")\n\nUnable to handle kernel paging request at virtual address dfff800000000003\nKASAN: null-ptr-deref in range [0x0000000000000018-0x000000000000001f]\nMem abort info:\nESR = 0x0000000096000005\nEC = 0x25: DABT (current EL), IL = 32 bits\nSET = 0, FnV = 0\nEA = 0, S1PTW = 0\nFSC = 0x05: level 1 translation fault\nData abort info:\nISV = 0, ISS = 0x00000005, ISS2 = 0x00000000\nCM = 0, WnR = 0, TnD = 0, TagAccess = 0\nGCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[dfff800000000003] address between user and kernel address ranges\nInternal error: Oops: 0000000096000005 [#1] PREEMPT SMP\nModules linked in:\nCPU: 1 PID: 5986 Comm: syz-executor292 Not tainted 6.5.0-rc7-syzkaller-gfe4469582053 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023\npstate: 80400005 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : handshake_nl_done_doit+0x198/0x9c8 net/handshake/netlink.c:193\nlr : handshake_nl_done_doit+0x180/0x9c8\nsp : ffff800096e37180\nx29: ffff800096e37200 x28: 1ffff00012dc6e34 x27: dfff800000000000\nx26: ffff800096e373d0 x25: 0000000000000000 x24: 00000000ffffffa8\nx23: ffff800096e373f0 x22: 1ffff00012dc6e38 x21: 0000000000000000\nx20: ffff800096e371c0 x19: 0000000000000018 x18: 0000000000000000\nx17: 0000000000000000 x16: ffff800080516cc4 x15: 0000000000000001\nx14: 1fffe0001b14aa3b x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000003\nx8 : 0000000000000003 x7 : ffff800080afe47c x6 : 0000000000000000\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : ffff800080a88078\nx2 : 0000000000000001 x1 : 00000000ffffffa8 x0 : 0000000000000000\nCall trace:\nhandshake_nl_done_doit+0x198/0x9c8 net/handshake/netlink.c:193\ngenl_family_rcv_msg_doit net/netlink/genetlink.c:970 [inline]\ngenl_family_rcv_msg net/netlink/genetlink.c:1050 [inline]\ngenl_rcv_msg+0x96c/0xc50 net/netlink/genetlink.c:1067\nnetlink_rcv_skb+0x214/0x3c4 net/netlink/af_netlink.c:2549\ngenl_rcv+0x38/0x50 net/netlink/genetlink.c:1078\nnetlink_unicast_kernel net/netlink/af_netlink.c:1339 [inline]\nnetlink_unicast+0x660/0x8d4 net/netlink/af_netlink.c:1365\nnetlink_sendmsg+0x834/0xb18 net/netlink/af_netlink.c:1914\nsock_sendmsg_nosec net/socket.c:725 [inline]\nsock_sendmsg net/socket.c:748 [inline]\n____sys_sendmsg+0x56c/0x840 net/socket.c:2494\n___sys_sendmsg net/socket.c:2548 [inline]\n__sys_sendmsg+0x26c/0x33c net/socket.c:2577\n__do_sys_sendmsg net/socket.c:2586 [inline]\n__se_sys_sendmsg net/socket.c:2584 [inline]\n__arm64_sys_sendmsg+0x80/0x94 net/socket.c:2584\n__invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\ninvoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51\nel0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136\ndo_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155\nel0_svc+0x58/0x16c arch/arm64/kernel/entry-common.c:678\nel0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696\nel0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:591\nCode: 12800108 b90043e8 910062b3 d343fe68 (387b6908)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53686",
"url": "https://www.suse.com/security/cve/CVE-2023-53686"
},
{
"category": "external",
"summary": "SUSE Bug 1251771 for CVE-2023-53686",
"url": "https://bugzilla.suse.com/1251771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53686"
},
{
"cve": "CVE-2023-53687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: serial: samsung_tty: Fix a memory leak in s3c24xx_serial_getclk() when iterating clk\n\nWhen the best clk is searched, we iterate over all possible clk.\n\nIf we find a better match, the previous one, if any, needs to be freed.\nIf a better match has already been found, we still need to free the new\none, otherwise it leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53687",
"url": "https://www.suse.com/security/cve/CVE-2023-53687"
},
{
"category": "external",
"summary": "SUSE Bug 1251772 for CVE-2023-53687",
"url": "https://bugzilla.suse.com/1251772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53687"
},
{
"cve": "CVE-2023-53693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: gadget: Fix the memory leak in raw_gadget driver\n\nCurrently, increasing raw_dev-\u003ecount happens before invoke the\nraw_queue_event(), if the raw_queue_event() return error, invoke\nraw_release() will not trigger the dev_free() to be called.\n\n[ 268.905865][ T5067] raw-gadget.0 gadget.0: failed to queue event\n[ 268.912053][ T5067] udc dummy_udc.0: failed to start USB Raw Gadget: -12\n[ 268.918885][ T5067] raw-gadget.0: probe of gadget.0 failed with error -12\n[ 268.925956][ T5067] UDC core: USB Raw Gadget: couldn\u0027t find an available UDC or it\u0027s busy\n[ 268.934657][ T5067] misc raw-gadget: fail, usb_gadget_register_driver returned -16\n\nBUG: memory leak\n\n[\u003cffffffff8154bf94\u003e] kmalloc_trace+0x24/0x90 mm/slab_common.c:1076\n[\u003cffffffff8347eb55\u003e] kmalloc include/linux/slab.h:582 [inline]\n[\u003cffffffff8347eb55\u003e] kzalloc include/linux/slab.h:703 [inline]\n[\u003cffffffff8347eb55\u003e] dev_new drivers/usb/gadget/legacy/raw_gadget.c:191 [inline]\n[\u003cffffffff8347eb55\u003e] raw_open+0x45/0x110 drivers/usb/gadget/legacy/raw_gadget.c:385\n[\u003cffffffff827d1d09\u003e] misc_open+0x1a9/0x1f0 drivers/char/misc.c:165\n\n[\u003cffffffff8154bf94\u003e] kmalloc_trace+0x24/0x90 mm/slab_common.c:1076\n[\u003cffffffff8347cd2f\u003e] kmalloc include/linux/slab.h:582 [inline]\n[\u003cffffffff8347cd2f\u003e] raw_ioctl_init+0xdf/0x410 drivers/usb/gadget/legacy/raw_gadget.c:460\n[\u003cffffffff8347dfe9\u003e] raw_ioctl+0x5f9/0x1120 drivers/usb/gadget/legacy/raw_gadget.c:1250\n[\u003cffffffff81685173\u003e] vfs_ioctl fs/ioctl.c:51 [inline]\n\n[\u003cffffffff8154bf94\u003e] kmalloc_trace+0x24/0x90 mm/slab_common.c:1076\n[\u003cffffffff833ecc6a\u003e] kmalloc include/linux/slab.h:582 [inline]\n[\u003cffffffff833ecc6a\u003e] kzalloc include/linux/slab.h:703 [inline]\n[\u003cffffffff833ecc6a\u003e] dummy_alloc_request+0x5a/0xe0 drivers/usb/gadget/udc/dummy_hcd.c:665\n[\u003cffffffff833e9132\u003e] usb_ep_alloc_request+0x22/0xd0 drivers/usb/gadget/udc/core.c:196\n[\u003cffffffff8347f13d\u003e] gadget_bind+0x6d/0x370 drivers/usb/gadget/legacy/raw_gadget.c:292\n\nThis commit therefore invoke kref_get() under the condition that\nraw_queue_event() return success.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53693",
"url": "https://www.suse.com/security/cve/CVE-2023-53693"
},
{
"category": "external",
"summary": "SUSE Bug 1252489 for CVE-2023-53693",
"url": "https://bugzilla.suse.com/1252489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53693"
},
{
"cve": "CVE-2023-53697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu()\n\nMemory pointed by \u0027nd_pmu-\u003epmu.attr_groups\u0027 is allocated in function\n\u0027register_nvdimm_pmu\u0027 and is lost after \u0027kfree(nd_pmu)\u0027 call in function\n\u0027unregister_nvdimm_pmu\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53697",
"url": "https://www.suse.com/security/cve/CVE-2023-53697"
},
{
"category": "external",
"summary": "SUSE Bug 1252534 for CVE-2023-53697",
"url": "https://bugzilla.suse.com/1252534"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53697"
},
{
"cve": "CVE-2023-53698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix refcount underflow in error path\n\nFix a refcount underflow problem reported by syzbot that can happen\nwhen a system is running out of memory. If xp_alloc_tx_descs() fails,\nand it can only fail due to not having enough memory, then the error\npath is triggered. In this error path, the refcount of the pool is\ndecremented as it has incremented before. However, the reference to\nthe pool in the socket was not nulled. This means that when the socket\nis closed later, the socket teardown logic will think that there is a\npool attached to the socket and try to decrease the refcount again,\nleading to a refcount underflow.\n\nI chose this fix as it involved adding just a single line. Another\noption would have been to move xp_get_pool() and the assignment of\nxs-\u003epool to after the if-statement and using xs_umem-\u003epool instead of\nxs-\u003epool in the whole if-statement resulting in somewhat simpler code,\nbut this would have led to much more churn in the code base perhaps\nmaking it harder to backport.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53698",
"url": "https://www.suse.com/security/cve/CVE-2023-53698"
},
{
"category": "external",
"summary": "SUSE Bug 1252479 for CVE-2023-53698",
"url": "https://bugzilla.suse.com/1252479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53698"
},
{
"cve": "CVE-2023-53699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nriscv: move memblock_allow_resize() after linear mapping is ready\n\nThe initial memblock metadata is accessed from kernel image mapping. The\nregions arrays need to \"reallocated\" from memblock and accessed through\nlinear mapping to cover more memblock regions. So the resizing should\nnot be allowed until linear mapping is ready. Note that there are\nmemblock allocations when building linear mapping.\n\nThis patch is similar to 24cc61d8cb5a (\"arm64: memblock: don\u0027t permit\nmemblock resizing until linear mapping is up\").\n\nIn following log, many memblock regions are reserved before\ncreate_linear_mapping_page_table(). And then it triggered reallocation\nof memblock.reserved.regions and memcpy the old array in kernel image\nmapping to the new array in linear mapping which caused a page fault.\n\n[ 0.000000] memblock_reserve: [0x00000000bf01f000-0x00000000bf01ffff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf021000-0x00000000bf021fff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf023000-0x00000000bf023fff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf025000-0x00000000bf025fff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf027000-0x00000000bf027fff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf029000-0x00000000bf029fff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf02b000-0x00000000bf02bfff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf02d000-0x00000000bf02dfff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf02f000-0x00000000bf02ffff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] memblock_reserve: [0x00000000bf030000-0x00000000bf030fff] early_init_fdt_scan_reserved_mem+0x28c/0x2c6\n[ 0.000000] OF: reserved mem: 0x0000000080000000..0x000000008007ffff (512 KiB) map non-reusable mmode_resv0@80000000\n[ 0.000000] memblock_reserve: [0x00000000bf000000-0x00000000bf001fed] paging_init+0x19a/0x5ae\n[ 0.000000] memblock_phys_alloc_range: 4096 bytes align=0x1000 from=0x0000000000000000 max_addr=0x0000000000000000 alloc_pmd_fixmap+0x14/0x1c\n[ 0.000000] memblock_reserve: [0x000000017ffff000-0x000000017fffffff] memblock_alloc_range_nid+0xb8/0x128\n[ 0.000000] memblock: reserved is doubled to 256 at [0x000000017fffd000-0x000000017fffe7ff]\n[ 0.000000] Unable to handle kernel paging request at virtual address ff600000ffffd000\n[ 0.000000] Oops [#1]\n[ 0.000000] Modules linked in:\n[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.4.0-rc1-00011-g99a670b2069c #66\n[ 0.000000] Hardware name: riscv-virtio,qemu (DT)\n[ 0.000000] epc : __memcpy+0x60/0xf8\n[ 0.000000] ra : memblock_double_array+0x192/0x248\n[ 0.000000] epc : ffffffff8081d214 ra : ffffffff80a3dfc0 sp : ffffffff81403bd0\n[ 0.000000] gp : ffffffff814fbb38 tp : ffffffff8140dac0 t0 : 0000000001600000\n[ 0.000000] t1 : 0000000000000000 t2 : 000000008f001000 s0 : ffffffff81403c60\n[ 0.000000] s1 : ffffffff80c0bc98 a0 : ff600000ffffd000 a1 : ffffffff80c0bcd8\n[ 0.000000] a2 : 0000000000000c00 a3 : ffffffff80c0c8d8 a4 : 0000000080000000\n[ 0.000000] a5 : 0000000000080000 a6 : 0000000000000000 a7 : 0000000080200000\n[ 0.000000] s2 : ff600000ffffd000 s3 : 0000000000002000 s4 : 0000000000000c00\n[ 0.000000] s5 : ffffffff80c0bc60 s6 : ffffffff80c0bcc8 s7 : 0000000000000000\n[ 0.000000] s8 : ffffffff814fd0a8 s9 : 000000017fffe7ff s10: 0000000000000000\n[ 0.000000] s11: 0000000000001000 t3 : 0000000000001000 t4 : 0000000000000000\n[ 0.000000] t5 : 000000008f003000 t6 : ff600000ffffd000\n[ 0.000000] status: 0000000200000100 badaddr: ff600000ffffd000 cause: 000000000000000f\n[ 0.000000] [\u003cfff\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53699",
"url": "https://www.suse.com/security/cve/CVE-2023-53699"
},
{
"category": "external",
"summary": "SUSE Bug 1252550 for CVE-2023-53699",
"url": "https://bugzilla.suse.com/1252550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53699"
},
{
"cve": "CVE-2023-53703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: amd_sfh: Fix for shift-out-of-bounds\n\nShift operation of \u0027exp\u0027 and \u0027shift\u0027 variables exceeds the maximum number\nof shift values in the u32 range leading to UBSAN shift-out-of-bounds.\n\n...\n[ 6.120512] UBSAN: shift-out-of-bounds in drivers/hid/amd-sfh-hid/sfh1_1/amd_sfh_desc.c:149:50\n[ 6.120598] shift exponent 104 is too large for 64-bit type \u0027long unsigned int\u0027\n[ 6.120659] CPU: 4 PID: 96 Comm: kworker/4:1 Not tainted 6.4.0amd_1-next-20230519-dirty #10\n[ 6.120665] Hardware name: AMD Birman-PHX/Birman-PHX, BIOS SFH_with_HPD_SEN.FD 04/05/2023\n[ 6.120667] Workqueue: events amd_sfh_work_buffer [amd_sfh]\n[ 6.120687] Call Trace:\n[ 6.120690] \u003cTASK\u003e\n[ 6.120694] dump_stack_lvl+0x48/0x70\n[ 6.120704] dump_stack+0x10/0x20\n[ 6.120707] ubsan_epilogue+0x9/0x40\n[ 6.120716] __ubsan_handle_shift_out_of_bounds+0x10f/0x170\n[ 6.120720] ? psi_group_change+0x25f/0x4b0\n[ 6.120729] float_to_int.cold+0x18/0xba [amd_sfh]\n[ 6.120739] get_input_rep+0x57/0x340 [amd_sfh]\n[ 6.120748] ? __schedule+0xba7/0x1b60\n[ 6.120756] ? __pfx_get_input_rep+0x10/0x10 [amd_sfh]\n[ 6.120764] amd_sfh_work_buffer+0x91/0x180 [amd_sfh]\n[ 6.120772] process_one_work+0x229/0x430\n[ 6.120780] worker_thread+0x4a/0x3c0\n[ 6.120784] ? __pfx_worker_thread+0x10/0x10\n[ 6.120788] kthread+0xf7/0x130\n[ 6.120792] ? __pfx_kthread+0x10/0x10\n[ 6.120795] ret_from_fork+0x29/0x50\n[ 6.120804] \u003c/TASK\u003e\n...\n\nFix this by adding the condition to validate shift ranges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53703",
"url": "https://www.suse.com/security/cve/CVE-2023-53703"
},
{
"category": "external",
"summary": "SUSE Bug 1252553 for CVE-2023-53703",
"url": "https://bugzilla.suse.com/1252553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53703"
},
{
"cve": "CVE-2023-53704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: imx: clk-imx8mp: improve error handling in imx8mp_clocks_probe()\n\nReplace of_iomap() and kzalloc() with devm_of_iomap() and devm_kzalloc()\nwhich can automatically release the related memory when the device\nor driver is removed or unloaded to avoid potential memory leak.\n\nIn this case, iounmap(anatop_base) in line 427,433 are removed\nas manual release is not required.\n\nBesides, referring to clk-imx8mq.c, check the return code of\nof_clk_add_hw_provider, if it returns negtive, print error info\nand unregister hws, which makes the program more robust.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53704",
"url": "https://www.suse.com/security/cve/CVE-2023-53704"
},
{
"category": "external",
"summary": "SUSE Bug 1252490 for CVE-2023-53704",
"url": "https://bugzilla.suse.com/1252490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53704"
},
{
"cve": "CVE-2023-53707",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53707"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix integer overflow in amdgpu_cs_pass1\n\nThe type of size is unsigned int, if size is 0x40000000, there will\nbe an integer overflow, size will be zero after size *= sizeof(uint32_t),\nwill cause uninitialized memory to be referenced later.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53707",
"url": "https://www.suse.com/security/cve/CVE-2023-53707"
},
{
"category": "external",
"summary": "SUSE Bug 1252632 for CVE-2023-53707",
"url": "https://bugzilla.suse.com/1252632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53707"
},
{
"cve": "CVE-2023-53708",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53708"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: x86: s2idle: Catch multiple ACPI_TYPE_PACKAGE objects\n\nIf a badly constructed firmware includes multiple `ACPI_TYPE_PACKAGE`\nobjects while evaluating the AMD LPS0 _DSM, there will be a memory\nleak. Explicitly guard against this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53708",
"url": "https://www.suse.com/security/cve/CVE-2023-53708"
},
{
"category": "external",
"summary": "SUSE Bug 1252537 for CVE-2023-53708",
"url": "https://bugzilla.suse.com/1252537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53708"
},
{
"cve": "CVE-2023-53711",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53711"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a potential data corruption\n\nWe must ensure that the subrequests are joined back into the head before\nwe can retransmit a request. If the head was not on the commit lists,\nbecause the server wrote it synchronously, we still need to add it back\nto the retransmission list.\nAdd a call that mirrors the effect of nfs_cancel_remove_inode() for\nO_DIRECT.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53711",
"url": "https://www.suse.com/security/cve/CVE-2023-53711"
},
{
"category": "external",
"summary": "SUSE Bug 1252536 for CVE-2023-53711",
"url": "https://bugzilla.suse.com/1252536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53711"
},
{
"cve": "CVE-2023-53713",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53713"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: sme: Use STR P to clear FFR context field in streaming SVE mode\n\nThe FFR is a predicate register which can vary between 16 and 256 bits\nin size depending upon the configured vector length. When saving the\nSVE state in streaming SVE mode, the FFR register is inaccessible and\nso commit 9f5848665788 (\"arm64/sve: Make access to FFR optional\") simply\nclears the FFR field of the in-memory context structure. Unfortunately,\nit achieves this using an unconditional 8-byte store and so if the SME\nvector length is anything other than 64 bytes in size we will either\nfail to clear the entire field or, worse, we will corrupt memory\nimmediately following the structure. This has led to intermittent kfence\nsplats in CI [1] and can trigger kmalloc Redzone corruption messages\nwhen running the \u0027fp-stress\u0027 kselftest:\n\n | =============================================================================\n | BUG kmalloc-1k (Not tainted): kmalloc Redzone overwritten\n | -----------------------------------------------------------------------------\n |\n | 0xffff000809bf1e22-0xffff000809bf1e27 @offset=7714. First byte 0x0 instead of 0xcc\n | Allocated in do_sme_acc+0x9c/0x220 age=2613 cpu=1 pid=531\n | __kmalloc+0x8c/0xcc\n | do_sme_acc+0x9c/0x220\n | ...\n\nReplace the 8-byte store with a store of a predicate register which has\nbeen zero-initialised with PFALSE, ensuring that the entire field is\ncleared in memory.\n\n[1] https://lore.kernel.org/r/CA+G9fYtU7HsV0R0dp4XEH5xXHSJFw8KyDf5VQrLLfMxWfxQkag@mail.gmail.com",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53713",
"url": "https://www.suse.com/security/cve/CVE-2023-53713"
},
{
"category": "external",
"summary": "SUSE Bug 1252559 for CVE-2023-53713",
"url": "https://bugzilla.suse.com/1252559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2023-53713"
},
{
"cve": "CVE-2023-53718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Do not swap cpu_buffer during resize process\n\nWhen ring_buffer_swap_cpu was called during resize process,\nthe cpu buffer was swapped in the middle, resulting in incorrect state.\nContinuing to run in the wrong state will result in oops.\n\nThis issue can be easily reproduced using the following two scripts:\n/tmp # cat test1.sh\n//#! /bin/sh\nfor i in `seq 0 100000`\ndo\n echo 2000 \u003e /sys/kernel/debug/tracing/buffer_size_kb\n sleep 0.5\n echo 5000 \u003e /sys/kernel/debug/tracing/buffer_size_kb\n sleep 0.5\ndone\n/tmp # cat test2.sh\n//#! /bin/sh\nfor i in `seq 0 100000`\ndo\n echo irqsoff \u003e /sys/kernel/debug/tracing/current_tracer\n sleep 1\n echo nop \u003e /sys/kernel/debug/tracing/current_tracer\n sleep 1\ndone\n/tmp # ./test1.sh \u0026\n/tmp # ./test2.sh \u0026\n\nA typical oops log is as follows, sometimes with other different oops logs.\n\n[ 231.711293] WARNING: CPU: 0 PID: 9 at kernel/trace/ring_buffer.c:2026 rb_update_pages+0x378/0x3f8\n[ 231.713375] Modules linked in:\n[ 231.714735] CPU: 0 PID: 9 Comm: kworker/0:1 Tainted: G W 6.5.0-rc1-00276-g20edcec23f92 #15\n[ 231.716750] Hardware name: linux,dummy-virt (DT)\n[ 231.718152] Workqueue: events update_pages_handler\n[ 231.719714] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 231.721171] pc : rb_update_pages+0x378/0x3f8\n[ 231.722212] lr : rb_update_pages+0x25c/0x3f8\n[ 231.723248] sp : ffff800082b9bd50\n[ 231.724169] x29: ffff800082b9bd50 x28: ffff8000825f7000 x27: 0000000000000000\n[ 231.726102] x26: 0000000000000001 x25: fffffffffffff010 x24: 0000000000000ff0\n[ 231.728122] x23: ffff0000c3a0b600 x22: ffff0000c3a0b5c0 x21: fffffffffffffe0a\n[ 231.730203] x20: ffff0000c3a0b600 x19: ffff0000c0102400 x18: 0000000000000000\n[ 231.732329] x17: 0000000000000000 x16: 0000000000000000 x15: 0000ffffe7aa8510\n[ 231.734212] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000002\n[ 231.736291] x11: ffff8000826998a8 x10: ffff800082b9baf0 x9 : ffff800081137558\n[ 231.738195] x8 : fffffc00030e82c8 x7 : 0000000000000000 x6 : 0000000000000001\n[ 231.740192] x5 : ffff0000ffbafe00 x4 : 0000000000000000 x3 : 0000000000000000\n[ 231.742118] x2 : 00000000000006aa x1 : 0000000000000001 x0 : ffff0000c0007208\n[ 231.744196] Call trace:\n[ 231.744892] rb_update_pages+0x378/0x3f8\n[ 231.745893] update_pages_handler+0x1c/0x38\n[ 231.746893] process_one_work+0x1f0/0x468\n[ 231.747852] worker_thread+0x54/0x410\n[ 231.748737] kthread+0x124/0x138\n[ 231.749549] ret_from_fork+0x10/0x20\n[ 231.750434] ---[ end trace 0000000000000000 ]---\n[ 233.720486] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 233.721696] Mem abort info:\n[ 233.721935] ESR = 0x0000000096000004\n[ 233.722283] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 233.722596] SET = 0, FnV = 0\n[ 233.722805] EA = 0, S1PTW = 0\n[ 233.723026] FSC = 0x04: level 0 translation fault\n[ 233.723458] Data abort info:\n[ 233.723734] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 233.724176] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 233.724589] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 233.725075] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000104943000\n[ 233.725592] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n[ 233.726231] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP\n[ 233.726720] Modules linked in:\n[ 233.727007] CPU: 0 PID: 9 Comm: kworker/0:1 Tainted: G W 6.5.0-rc1-00276-g20edcec23f92 #15\n[ 233.727777] Hardware name: linux,dummy-virt (DT)\n[ 233.728225] Workqueue: events update_pages_handler\n[ 233.728655] pstate: 200000c5 (nzCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 233.729054] pc : rb_update_pages+0x1a8/0x3f8\n[ 233.729334] lr : rb_update_pages+0x154/0x3f8\n[ 233.729592] sp : ffff800082b9bd50\n[ 233.729792] x29: ffff800082b9bd50 x28: ffff8000825f7000 x27: 00000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53718",
"url": "https://www.suse.com/security/cve/CVE-2023-53718"
},
{
"category": "external",
"summary": "SUSE Bug 1252564 for CVE-2023-53718",
"url": "https://bugzilla.suse.com/1252564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53718"
},
{
"cve": "CVE-2023-53721",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53721"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: Fix a NULL pointer dereference in ath12k_mac_op_hw_scan()\n\nIn ath12k_mac_op_hw_scan(), the return value of kzalloc() is directly\nused in memcpy(), which may lead to a NULL pointer dereference on\nfailure of kzalloc().\n\nFix this bug by adding a check of arg.extraie.ptr.\n\nTested-on: WCN7850 hw2.0 PCI WLAN.HMT.1.0-03427-QCAHMTSWPL_V1.0_V2.0_SILICONZ-1.15378.4",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53721",
"url": "https://www.suse.com/security/cve/CVE-2023-53721"
},
{
"category": "external",
"summary": "SUSE Bug 1252561 for CVE-2023-53721",
"url": "https://bugzilla.suse.com/1252561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53721"
},
{
"cve": "CVE-2023-53722",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53722"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: raid1: fix potential OOB in raid1_remove_disk()\n\nIf rddev-\u003eraid_disk is greater than mddev-\u003eraid_disks, there will be\nan out-of-bounds in raid1_remove_disk(). We have already found\nsimilar reports as follows:\n\n1) commit d17f744e883b (\"md-raid10: fix KASAN warning\")\n2) commit 1ebc2cec0b7d (\"dm raid: fix KASAN warning in raid5_remove_disk\")\n\nFix this bug by checking whether the \"number\" variable is\nvalid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53722",
"url": "https://www.suse.com/security/cve/CVE-2023-53722"
},
{
"category": "external",
"summary": "SUSE Bug 1252499 for CVE-2023-53722",
"url": "https://bugzilla.suse.com/1252499"
},
{
"category": "external",
"summary": "SUSE Bug 1252500 for CVE-2023-53722",
"url": "https://bugzilla.suse.com/1252500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2023-53722"
},
{
"cve": "CVE-2023-53725",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53725"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe\n\nSmatch reports:\ndrivers/clocksource/timer-cadence-ttc.c:529 ttc_timer_probe()\nwarn: \u0027timer_baseaddr\u0027 from of_iomap() not released on lines: 498,508,516.\n\ntimer_baseaddr may have the problem of not being released after use,\nI replaced it with the devm_of_iomap() function and added the clk_put()\nfunction to cleanup the \"clk_ce\" and \"clk_cs\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53725",
"url": "https://www.suse.com/security/cve/CVE-2023-53725"
},
{
"category": "external",
"summary": "SUSE Bug 1252492 for CVE-2023-53725",
"url": "https://bugzilla.suse.com/1252492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53725"
},
{
"cve": "CVE-2023-53726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: csum: Fix OoB access in IP checksum code for negative lengths\n\nAlthough commit c2c24edb1d9c (\"arm64: csum: Fix pathological zero-length\ncalls\") added an early return for zero-length input, syzkaller has\npopped up with an example of a _negative_ length which causes an\nundefined shift and an out-of-bounds read:\n\n | BUG: KASAN: slab-out-of-bounds in do_csum+0x44/0x254 arch/arm64/lib/csum.c:39\n | Read of size 4294966928 at addr ffff0000d7ac0170 by task syz-executor412/5975\n |\n | CPU: 0 PID: 5975 Comm: syz-executor412 Not tainted 6.4.0-rc4-syzkaller-g908f31f2a05b #0\n | Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023\n | Call trace:\n | dump_backtrace+0x1b8/0x1e4 arch/arm64/kernel/stacktrace.c:233\n | show_stack+0x2c/0x44 arch/arm64/kernel/stacktrace.c:240\n | __dump_stack lib/dump_stack.c:88 [inline]\n | dump_stack_lvl+0xd0/0x124 lib/dump_stack.c:106\n | print_address_description mm/kasan/report.c:351 [inline]\n | print_report+0x174/0x514 mm/kasan/report.c:462\n | kasan_report+0xd4/0x130 mm/kasan/report.c:572\n | kasan_check_range+0x264/0x2a4 mm/kasan/generic.c:187\n | __kasan_check_read+0x20/0x30 mm/kasan/shadow.c:31\n | do_csum+0x44/0x254 arch/arm64/lib/csum.c:39\n | csum_partial+0x30/0x58 lib/checksum.c:128\n | gso_make_checksum include/linux/skbuff.h:4928 [inline]\n | __udp_gso_segment+0xaf4/0x1bc4 net/ipv4/udp_offload.c:332\n | udp6_ufo_fragment+0x540/0xca0 net/ipv6/udp_offload.c:47\n | ipv6_gso_segment+0x5cc/0x1760 net/ipv6/ip6_offload.c:119\n | skb_mac_gso_segment+0x2b4/0x5b0 net/core/gro.c:141\n | __skb_gso_segment+0x250/0x3d0 net/core/dev.c:3401\n | skb_gso_segment include/linux/netdevice.h:4859 [inline]\n | validate_xmit_skb+0x364/0xdbc net/core/dev.c:3659\n | validate_xmit_skb_list+0x94/0x130 net/core/dev.c:3709\n | sch_direct_xmit+0xe8/0x548 net/sched/sch_generic.c:327\n | __dev_xmit_skb net/core/dev.c:3805 [inline]\n | __dev_queue_xmit+0x147c/0x3318 net/core/dev.c:4210\n | dev_queue_xmit include/linux/netdevice.h:3085 [inline]\n | packet_xmit+0x6c/0x318 net/packet/af_packet.c:276\n | packet_snd net/packet/af_packet.c:3081 [inline]\n | packet_sendmsg+0x376c/0x4c98 net/packet/af_packet.c:3113\n | sock_sendmsg_nosec net/socket.c:724 [inline]\n | sock_sendmsg net/socket.c:747 [inline]\n | __sys_sendto+0x3b4/0x538 net/socket.c:2144\n\nExtend the early return to reject negative lengths as well, aligning our\nimplementation with the generic code in lib/checksum.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53726",
"url": "https://www.suse.com/security/cve/CVE-2023-53726"
},
{
"category": "external",
"summary": "SUSE Bug 1252565 for CVE-2023-53726",
"url": "https://bugzilla.suse.com/1252565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53726"
},
{
"cve": "CVE-2023-53727",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53727"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fq_pie: avoid stalls in fq_pie_timer()\n\nWhen setting a high number of flows (limit being 65536),\nfq_pie_timer() is currently using too much time as syzbot reported.\n\nAdd logic to yield the cpu every 2048 flows (less than 150 usec\non debug kernels).\nIt should also help by not blocking qdisc fast paths for too long.\nWorst case (65536 flows) would need 31 jiffies for a complete scan.\n\nRelevant extract from syzbot report:\n\nrcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 2663 jiffies s: 873 root: 0x1/.\nrcu: blocking rcu_node structures (internal RCU debug):\nSending NMI from CPU 1 to CPUs 0:\nNMI backtrace for cpu 0\nCPU: 0 PID: 5177 Comm: syz-executor273 Not tainted 6.5.0-syzkaller-00453-g727dbda16b83 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023\nRIP: 0010:check_kcov_mode kernel/kcov.c:173 [inline]\nRIP: 0010:write_comp_data+0x21/0x90 kernel/kcov.c:236\nCode: 2e 0f 1f 84 00 00 00 00 00 65 8b 05 01 b2 7d 7e 49 89 f1 89 c6 49 89 d2 81 e6 00 01 00 00 49 89 f8 65 48 8b 14 25 80 b9 03 00 \u003ca9\u003e 00 01 ff 00 74 0e 85 f6 74 59 8b 82 04 16 00 00 85 c0 74 4f 8b\nRSP: 0018:ffffc90000007bb8 EFLAGS: 00000206\nRAX: 0000000000000101 RBX: ffffc9000dc0d140 RCX: ffffffff885893b0\nRDX: ffff88807c075940 RSI: 0000000000000100 RDI: 0000000000000001\nRBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000000 R12: ffffc9000dc0d178\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\nFS: 0000555555d54380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f6b442f6130 CR3: 000000006fe1c000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cNMI\u003e\n \u003c/NMI\u003e\n \u003cIRQ\u003e\n pie_calculate_probability+0x480/0x850 net/sched/sch_pie.c:415\n fq_pie_timer+0x1da/0x4f0 net/sched/sch_fq_pie.c:387\n call_timer_fn+0x1a0/0x580 kernel/time/timer.c:1700",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53727",
"url": "https://www.suse.com/security/cve/CVE-2023-53727"
},
{
"category": "external",
"summary": "SUSE Bug 1252566 for CVE-2023-53727",
"url": "https://bugzilla.suse.com/1252566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53727"
},
{
"cve": "CVE-2023-53728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53728"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nposix-timers: Ensure timer ID search-loop limit is valid\n\nposix_timer_add() tries to allocate a posix timer ID by starting from the\ncached ID which was stored by the last successful allocation.\n\nThis is done in a loop searching the ID space for a free slot one by\none. The loop has to terminate when the search wrapped around to the\nstarting point.\n\nBut that\u0027s racy vs. establishing the starting point. That is read out\nlockless, which leads to the following problem:\n\nCPU0\t \t \t \t CPU1\nposix_timer_add()\n start = sig-\u003eposix_timer_id;\n lock(hash_lock);\n ...\t\t\t\t posix_timer_add()\n if (++sig-\u003eposix_timer_id \u003c 0)\n \t\t\t start = sig-\u003eposix_timer_id;\n sig-\u003eposix_timer_id = 0;\n\nSo CPU1 can observe a negative start value, i.e. -1, and the loop break\nnever happens because the condition can never be true:\n\n if (sig-\u003eposix_timer_id == start)\n break;\n\nWhile this is unlikely to ever turn into an endless loop as the ID space is\nhuge (INT_MAX), the racy read of the start value caught the attention of\nKCSAN and Dmitry unearthed that incorrectness.\n\nRewrite it so that all id operations are under the hash lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53728",
"url": "https://www.suse.com/security/cve/CVE-2023-53728"
},
{
"category": "external",
"summary": "SUSE Bug 1252668 for CVE-2023-53728",
"url": "https://bugzilla.suse.com/1252668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53728"
},
{
"cve": "CVE-2023-53729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53729"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: qmi_encdec: Restrict string length in decode\n\nThe QMI TLV value for strings in a lot of qmi element info structures\naccount for null terminated strings with MAX_LEN + 1. If a string is\nactually MAX_LEN + 1 length, this will cause an out of bounds access\nwhen the NULL character is appended in decoding.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53729",
"url": "https://www.suse.com/security/cve/CVE-2023-53729"
},
{
"category": "external",
"summary": "SUSE Bug 1252496 for CVE-2023-53729",
"url": "https://bugzilla.suse.com/1252496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53729"
},
{
"cve": "CVE-2023-53730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53730"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_cost\n\nadjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabled\nwhen unlock. DEADLOCK might happen if we have held other locks and disabled\nIRQ before invoking it.\n\nFix it by using spin_lock_irqsave() instead, which can keep IRQ state\nconsistent with before when unlock.\n\n ================================\n WARNING: inconsistent lock state\n 5.10.0-02758-g8e5f91fd772f #26 Not tainted\n --------------------------------\n inconsistent {IN-HARDIRQ-W} -\u003e {HARDIRQ-ON-W} usage.\n kworker/2:3/388 [HC0[0]:SC0[0]:HE0:SE1] takes:\n ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: spin_lock_irq\n ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390\n {IN-HARDIRQ-W} state was registered at:\n __lock_acquire+0x3d7/0x1070\n lock_acquire+0x197/0x4a0\n __raw_spin_lock_irqsave\n _raw_spin_lock_irqsave+0x3b/0x60\n bfq_idle_slice_timer_body\n bfq_idle_slice_timer+0x53/0x1d0\n __run_hrtimer+0x477/0xa70\n __hrtimer_run_queues+0x1c6/0x2d0\n hrtimer_interrupt+0x302/0x9e0\n local_apic_timer_interrupt\n __sysvec_apic_timer_interrupt+0xfd/0x420\n run_sysvec_on_irqstack_cond\n sysvec_apic_timer_interrupt+0x46/0xa0\n asm_sysvec_apic_timer_interrupt+0x12/0x20\n irq event stamp: 837522\n hardirqs last enabled at (837521): [\u003cffffffff84b9419d\u003e] __raw_spin_unlock_irqrestore\n hardirqs last enabled at (837521): [\u003cffffffff84b9419d\u003e] _raw_spin_unlock_irqrestore+0x3d/0x40\n hardirqs last disabled at (837522): [\u003cffffffff84b93fa3\u003e] __raw_spin_lock_irq\n hardirqs last disabled at (837522): [\u003cffffffff84b93fa3\u003e] _raw_spin_lock_irq+0x43/0x50\n softirqs last enabled at (835852): [\u003cffffffff84e00558\u003e] __do_softirq+0x558/0x8ec\n softirqs last disabled at (835845): [\u003cffffffff84c010ff\u003e] asm_call_irq_on_stack+0xf/0x20\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026bfqd-\u003elock);\n \u003cInterrupt\u003e\n lock(\u0026bfqd-\u003elock);\n\n *** DEADLOCK ***\n\n 3 locks held by kworker/2:3/388:\n #0: ffff888107af0f38 ((wq_completion)kthrotld){+.+.}-{0:0}, at: process_one_work+0x742/0x13f0\n #1: ffff8881176bfdd8 ((work_completion)(\u0026td-\u003edispatch_work)){+.+.}-{0:0}, at: process_one_work+0x777/0x13f0\n #2: ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: spin_lock_irq\n #2: ffff888118c00c28 (\u0026bfqd-\u003elock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390\n\n stack backtrace:\n CPU: 2 PID: 388 Comm: kworker/2:3 Not tainted 5.10.0-02758-g8e5f91fd772f #26\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014\n Workqueue: kthrotld blk_throtl_dispatch_work_fn\n Call Trace:\n __dump_stack lib/dump_stack.c:77 [inline]\n dump_stack+0x107/0x167\n print_usage_bug\n valid_state\n mark_lock_irq.cold+0x32/0x3a\n mark_lock+0x693/0xbc0\n mark_held_locks+0x9e/0xe0\n __trace_hardirqs_on_caller\n lockdep_hardirqs_on_prepare.part.0+0x151/0x360\n trace_hardirqs_on+0x5b/0x180\n __raw_spin_unlock_irq\n _raw_spin_unlock_irq+0x24/0x40\n spin_unlock_irq\n adjust_inuse_and_calc_cost+0x4fb/0x970\n ioc_rqos_merge+0x277/0x740\n __rq_qos_merge+0x62/0xb0\n rq_qos_merge\n bio_attempt_back_merge+0x12c/0x4a0\n blk_mq_sched_try_merge+0x1b6/0x4d0\n bfq_bio_merge+0x24a/0x390\n __blk_mq_sched_bio_merge+0xa6/0x460\n blk_mq_sched_bio_merge\n blk_mq_submit_bio+0x2e7/0x1ee0\n __submit_bio_noacct_mq+0x175/0x3b0\n submit_bio_noacct+0x1fb/0x270\n blk_throtl_dispatch_work_fn+0x1ef/0x2b0\n process_one_work+0x83e/0x13f0\n process_scheduled_works\n worker_thread+0x7e3/0xd80\n kthread+0x353/0x470\n ret_from_fork+0x1f/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53730",
"url": "https://www.suse.com/security/cve/CVE-2023-53730"
},
{
"category": "external",
"summary": "SUSE Bug 1252495 for CVE-2023-53730",
"url": "https://bugzilla.suse.com/1252495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53730"
},
{
"cve": "CVE-2023-53731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: fix potential deadlock in netlink_set_err()\n\nsyzbot reported a possible deadlock in netlink_set_err() [1]\n\nA similar issue was fixed in commit 1d482e666b8e (\"netlink: disable IRQs\nfor netlink_lock_table()\") in netlink_lock_table()\n\nThis patch adds IRQ safety to netlink_set_err() and __netlink_diag_dump()\nwhich were not covered by cited commit.\n\n[1]\n\nWARNING: possible irq lock inversion dependency detected\n6.4.0-rc6-syzkaller-00240-g4e9f0ec38852 #0 Not tainted\n\nsyz-executor.2/23011 just changed the state of lock:\nffffffff8e1a7a58 (nl_table_lock){.+.?}-{2:2}, at: netlink_set_err+0x2e/0x3a0 net/netlink/af_netlink.c:1612\nbut this lock was taken by another, SOFTIRQ-safe lock in the past:\n (\u0026local-\u003equeue_stop_reason_lock){..-.}-{2:2}\n\nand interrupts could create inverse lock ordering between them.\n\nother info that might help us debug this:\n Possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(nl_table_lock);\n local_irq_disable();\n lock(\u0026local-\u003equeue_stop_reason_lock);\n lock(nl_table_lock);\n \u003cInterrupt\u003e\n lock(\u0026local-\u003equeue_stop_reason_lock);\n\n *** DEADLOCK ***",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53731",
"url": "https://www.suse.com/security/cve/CVE-2023-53731"
},
{
"category": "external",
"summary": "SUSE Bug 1252481 for CVE-2023-53731",
"url": "https://bugzilla.suse.com/1252481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2023-53731"
},
{
"cve": "CVE-2023-53733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-53733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_u32: Undo tcf_bind_filter if u32_replace_hw_knode\n\nWhen u32_replace_hw_knode fails, we need to undo the tcf_bind_filter\noperation done at u32_set_parms.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-53733",
"url": "https://www.suse.com/security/cve/CVE-2023-53733"
},
{
"category": "external",
"summary": "SUSE Bug 1252685 for CVE-2023-53733",
"url": "https://bugzilla.suse.com/1252685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2023-53733"
},
{
"cve": "CVE-2025-38008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/page_alloc: fix race condition in unaccepted memory handling\n\nThe page allocator tracks the number of zones that have unaccepted memory\nusing static_branch_enc/dec() and uses that static branch in hot paths to\ndetermine if it needs to deal with unaccepted memory.\n\nBorislav and Thomas pointed out that the tracking is racy: operations on\nstatic_branch are not serialized against adding/removing unaccepted pages\nto/from the zone.\n\nSanity checks inside static_branch machinery detects it:\n\nWARNING: CPU: 0 PID: 10 at kernel/jump_label.c:276 __static_key_slow_dec_cpuslocked+0x8e/0xa0\n\nThe comment around the WARN() explains the problem:\n\n\t/*\n\t * Warn about the \u0027-1\u0027 case though; since that means a\n\t * decrement is concurrent with a first (0-\u003e1) increment. IOW\n\t * people are trying to disable something that wasn\u0027t yet fully\n\t * enabled. This suggests an ordering problem on the user side.\n\t */\n\nThe effect of this static_branch optimization is only visible on\nmicrobenchmark.\n\nInstead of adding more complexity around it, remove it altogether.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38008",
"url": "https://www.suse.com/security/cve/CVE-2025-38008"
},
{
"category": "external",
"summary": "SUSE Bug 1244939 for CVE-2025-38008",
"url": "https://bugzilla.suse.com/1244939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-38008"
},
{
"cve": "CVE-2025-38539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Add down_write(trace_event_sem) when adding trace event\n\nWhen a module is loaded, it adds trace events defined by the module. It\nmay also need to modify the modules trace printk formats to replace enum\nnames with their values.\n\nIf two modules are loaded at the same time, the adding of the event to the\nftrace_events list can corrupt the walking of the list in the code that is\nmodifying the printk format strings and crash the kernel.\n\nThe addition of the event should take the trace_event_sem for write while\nit adds the new event.\n\nAlso add a lockdep_assert_held() on that semaphore in\n__trace_add_event_dirs() as it iterates the list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38539",
"url": "https://www.suse.com/security/cve/CVE-2025-38539"
},
{
"category": "external",
"summary": "SUSE Bug 1248211 for CVE-2025-38539",
"url": "https://bugzilla.suse.com/1248211"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-38539"
},
{
"cve": "CVE-2025-38552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38552"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: plug races between subflow fail and subflow creation\n\nWe have races similar to the one addressed by the previous patch between\nsubflow failing and additional subflow creation. They are just harder to\ntrigger.\n\nThe solution is similar. Use a separate flag to track the condition\n\u0027socket state prevent any additional subflow creation\u0027 protected by the\nfallback lock.\n\nThe socket fallback makes such flag true, and also receiving or sending\nan MP_FAIL option.\n\nThe field \u0027allow_infinite_fallback\u0027 is now always touched under the\nrelevant lock, we can drop the ONCE annotation on write.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38552",
"url": "https://www.suse.com/security/cve/CVE-2025-38552"
},
{
"category": "external",
"summary": "SUSE Bug 1248230 for CVE-2025-38552",
"url": "https://bugzilla.suse.com/1248230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-38552"
},
{
"cve": "CVE-2025-38653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nproc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al\n\nCheck pde-\u003eproc_ops-\u003eproc_lseek directly may cause UAF in rmmod scenario. \nIt\u0027s a gap in proc_reg_open() after commit 654b33ada4ab(\"proc: fix UAF in\nproc_get_inode()\"). Followed by AI Viro\u0027s suggestion, fix it in same\nmanner.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38653",
"url": "https://www.suse.com/security/cve/CVE-2025-38653"
},
{
"category": "external",
"summary": "SUSE Bug 1248630 for CVE-2025-38653",
"url": "https://bugzilla.suse.com/1248630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-38653"
},
{
"cve": "CVE-2025-38699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bfa: Double-free fix\n\nWhen the bfad_im_probe() function fails during initialization, the memory\npointed to by bfad-\u003eim is freed without setting bfad-\u003eim to NULL.\n\nSubsequently, during driver uninstallation, when the state machine enters\nthe bfad_sm_stopping state and calls the bfad_im_probe_undo() function,\nit attempts to free the memory pointed to by bfad-\u003eim again, thereby\ntriggering a double-free vulnerability.\n\nSet bfad-\u003eim to NULL if probing fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38699",
"url": "https://www.suse.com/security/cve/CVE-2025-38699"
},
{
"category": "external",
"summary": "SUSE Bug 1249224 for CVE-2025-38699",
"url": "https://bugzilla.suse.com/1249224"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-38699"
},
{
"cve": "CVE-2025-38700",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38700"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libiscsi: Initialize iscsi_conn-\u003edd_data only if memory is allocated\n\nIn case of an ib_fast_reg_mr allocation failure during iSER setup, the\nmachine hits a panic because iscsi_conn-\u003edd_data is initialized\nunconditionally, even when no memory is allocated (dd_size == 0). This\nleads invalid pointer dereference during connection teardown.\n\nFix by setting iscsi_conn-\u003edd_data only if memory is actually allocated.\n\nPanic trace:\n------------\n iser: iser_create_fastreg_desc: Failed to allocate ib_fast_reg_mr err=-12\n iser: iser_alloc_rx_descriptors: failed allocating rx descriptors / data buffers\n BUG: unable to handle page fault for address: fffffffffffffff8\n RIP: 0010:swake_up_locked.part.5+0xa/0x40\n Call Trace:\n complete+0x31/0x40\n iscsi_iser_conn_stop+0x88/0xb0 [ib_iser]\n iscsi_stop_conn+0x66/0xc0 [scsi_transport_iscsi]\n iscsi_if_stop_conn+0x14a/0x150 [scsi_transport_iscsi]\n iscsi_if_rx+0x1135/0x1834 [scsi_transport_iscsi]\n ? netlink_lookup+0x12f/0x1b0\n ? netlink_deliver_tap+0x2c/0x200\n netlink_unicast+0x1ab/0x280\n netlink_sendmsg+0x257/0x4f0\n ? _copy_from_user+0x29/0x60\n sock_sendmsg+0x5f/0x70",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38700",
"url": "https://www.suse.com/security/cve/CVE-2025-38700"
},
{
"category": "external",
"summary": "SUSE Bug 1249182 for CVE-2025-38700",
"url": "https://bugzilla.suse.com/1249182"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-38700"
},
{
"cve": "CVE-2025-38718",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38718"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: linearize cloned gso packets in sctp_rcv\n\nA cloned head skb still shares these frag skbs in fraglist with the\noriginal head skb. It\u0027s not safe to access these frag skbs.\n\nsyzbot reported two use-of-uninitialized-memory bugs caused by this:\n\n BUG: KMSAN: uninit-value in sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211\n sctp_inq_pop+0x15b7/0x1920 net/sctp/inqueue.c:211\n sctp_assoc_bh_rcv+0x1a7/0xc50 net/sctp/associola.c:998\n sctp_inq_push+0x2ef/0x380 net/sctp/inqueue.c:88\n sctp_backlog_rcv+0x397/0xdb0 net/sctp/input.c:331\n sk_backlog_rcv+0x13b/0x420 include/net/sock.h:1122\n __release_sock+0x1da/0x330 net/core/sock.c:3106\n release_sock+0x6b/0x250 net/core/sock.c:3660\n sctp_wait_for_connect+0x487/0x820 net/sctp/socket.c:9360\n sctp_sendmsg_to_asoc+0x1ec1/0x1f00 net/sctp/socket.c:1885\n sctp_sendmsg+0x32b9/0x4a80 net/sctp/socket.c:2031\n inet_sendmsg+0x25a/0x280 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:718 [inline]\n\nand\n\n BUG: KMSAN: uninit-value in sctp_assoc_bh_rcv+0x34e/0xbc0 net/sctp/associola.c:987\n sctp_assoc_bh_rcv+0x34e/0xbc0 net/sctp/associola.c:987\n sctp_inq_push+0x2a3/0x350 net/sctp/inqueue.c:88\n sctp_backlog_rcv+0x3c7/0xda0 net/sctp/input.c:331\n sk_backlog_rcv+0x142/0x420 include/net/sock.h:1148\n __release_sock+0x1d3/0x330 net/core/sock.c:3213\n release_sock+0x6b/0x270 net/core/sock.c:3767\n sctp_wait_for_connect+0x458/0x820 net/sctp/socket.c:9367\n sctp_sendmsg_to_asoc+0x223a/0x2260 net/sctp/socket.c:1886\n sctp_sendmsg+0x3910/0x49f0 net/sctp/socket.c:2032\n inet_sendmsg+0x269/0x2a0 net/ipv4/af_inet.c:851\n sock_sendmsg_nosec net/socket.c:712 [inline]\n\nThis patch fixes it by linearizing cloned gso packets in sctp_rcv().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38718",
"url": "https://www.suse.com/security/cve/CVE-2025-38718"
},
{
"category": "external",
"summary": "SUSE Bug 1249161 for CVE-2025-38718",
"url": "https://bugzilla.suse.com/1249161"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-38718"
},
{
"cve": "CVE-2025-39673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp: fix race conditions in ppp_fill_forward_path\n\nppp_fill_forward_path() has two race conditions:\n\n1. The ppp-\u003echannels list can change between list_empty() and\n list_first_entry(), as ppp_lock() is not held. If the only channel\n is deleted in ppp_disconnect_channel(), list_first_entry() may\n access an empty head or a freed entry, and trigger a panic.\n\n2. pch-\u003echan can be NULL. When ppp_unregister_channel() is called,\n pch-\u003echan is set to NULL before pch is removed from ppp-\u003echannels.\n\nFix these by using a lockless RCU approach:\n- Use list_first_or_null_rcu() to safely test and access the first list\n entry.\n- Convert list modifications on ppp-\u003echannels to their RCU variants and\n add synchronize_net() after removal.\n- Check for a NULL pch-\u003echan before dereferencing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39673",
"url": "https://www.suse.com/security/cve/CVE-2025-39673"
},
{
"category": "external",
"summary": "SUSE Bug 1249320 for CVE-2025-39673",
"url": "https://bugzilla.suse.com/1249320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39673"
},
{
"cve": "CVE-2025-39676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla4xxx: Prevent a potential error pointer dereference\n\nThe qla4xxx_get_ep_fwdb() function is supposed to return NULL on error,\nbut qla4xxx_ep_connect() returns error pointers. Propagating the error\npointers will lead to an Oops in the caller, so change the error pointers\nto NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39676",
"url": "https://www.suse.com/security/cve/CVE-2025-39676"
},
{
"category": "external",
"summary": "SUSE Bug 1249302 for CVE-2025-39676",
"url": "https://bugzilla.suse.com/1249302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39676"
},
{
"cve": "CVE-2025-39683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Limit access to parser-\u003ebuffer when trace_get_user failed\n\nWhen the length of the string written to set_ftrace_filter exceeds\nFTRACE_BUFF_MAX, the following KASAN alarm will be triggered:\n\nBUG: KASAN: slab-out-of-bounds in strsep+0x18c/0x1b0\nRead of size 1 at addr ffff0000d00bd5ba by task ash/165\n\nCPU: 1 UID: 0 PID: 165 Comm: ash Not tainted 6.16.0-g6bcdbd62bd56-dirty\nHardware name: linux,dummy-virt (DT)\nCall trace:\n show_stack+0x34/0x50 (C)\n dump_stack_lvl+0xa0/0x158\n print_address_description.constprop.0+0x88/0x398\n print_report+0xb0/0x280\n kasan_report+0xa4/0xf0\n __asan_report_load1_noabort+0x20/0x30\n strsep+0x18c/0x1b0\n ftrace_process_regex.isra.0+0x100/0x2d8\n ftrace_regex_release+0x484/0x618\n __fput+0x364/0xa58\n ____fput+0x28/0x40\n task_work_run+0x154/0x278\n do_notify_resume+0x1f0/0x220\n el0_svc+0xec/0xf0\n el0t_64_sync_handler+0xa0/0xe8\n el0t_64_sync+0x1ac/0x1b0\n\nThe reason is that trace_get_user will fail when processing a string\nlonger than FTRACE_BUFF_MAX, but not set the end of parser-\u003ebuffer to 0.\nThen an OOB access will be triggered in ftrace_regex_release-\u003e\nftrace_process_regex-\u003estrsep-\u003estrpbrk. We can solve this problem by\nlimiting access to parser-\u003ebuffer when trace_get_user failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39683",
"url": "https://www.suse.com/security/cve/CVE-2025-39683"
},
{
"category": "external",
"summary": "SUSE Bug 1249286 for CVE-2025-39683",
"url": "https://bugzilla.suse.com/1249286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39683"
},
{
"cve": "CVE-2025-39697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix a race when updating an existing write\n\nAfter nfs_lock_and_join_requests() tests for whether the request is\nstill attached to the mapping, nothing prevents a call to\nnfs_inode_remove_request() from succeeding until we actually lock the\npage group.\nThe reason is that whoever called nfs_inode_remove_request() doesn\u0027t\nnecessarily have a lock on the page group head.\n\nSo in order to avoid races, let\u0027s take the page group lock earlier in\nnfs_lock_and_join_requests(), and hold it across the removal of the\nrequest in nfs_inode_remove_request().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39697",
"url": "https://www.suse.com/security/cve/CVE-2025-39697"
},
{
"category": "external",
"summary": "SUSE Bug 1249319 for CVE-2025-39697",
"url": "https://bugzilla.suse.com/1249319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39697"
},
{
"cve": "CVE-2025-39702",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39702"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: Fix MAC comparison to be constant-time\n\nTo prevent timing attacks, MACs need to be compared in constant time.\nUse the appropriate helper function for this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39702",
"url": "https://www.suse.com/security/cve/CVE-2025-39702"
},
{
"category": "external",
"summary": "SUSE Bug 1249317 for CVE-2025-39702",
"url": "https://bugzilla.suse.com/1249317"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39702"
},
{
"cve": "CVE-2025-39756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: Prevent file descriptor table allocations exceeding INT_MAX\n\nWhen sysctl_nr_open is set to a very high value (for example, 1073741816\nas set by systemd), processes attempting to use file descriptors near\nthe limit can trigger massive memory allocation attempts that exceed\nINT_MAX, resulting in a WARNING in mm/slub.c:\n\n WARNING: CPU: 0 PID: 44 at mm/slub.c:5027 __kvmalloc_node_noprof+0x21a/0x288\n\nThis happens because kvmalloc_array() and kvmalloc() check if the\nrequested size exceeds INT_MAX and emit a warning when the allocation is\nnot flagged with __GFP_NOWARN.\n\nSpecifically, when nr_open is set to 1073741816 (0x3ffffff8) and a\nprocess calls dup2(oldfd, 1073741880), the kernel attempts to allocate:\n- File descriptor array: 1073741880 * 8 bytes = 8,589,935,040 bytes\n- Multiple bitmaps: ~400MB\n- Total allocation size: \u003e 8GB (exceeding INT_MAX = 2,147,483,647)\n\nReproducer:\n1. Set /proc/sys/fs/nr_open to 1073741816:\n # echo 1073741816 \u003e /proc/sys/fs/nr_open\n\n2. Run a program that uses a high file descriptor:\n #include \u003cunistd.h\u003e\n #include \u003csys/resource.h\u003e\n\n int main() {\n struct rlimit rlim = {1073741824, 1073741824};\n setrlimit(RLIMIT_NOFILE, \u0026rlim);\n dup2(2, 1073741880); // Triggers the warning\n return 0;\n }\n\n3. Observe WARNING in dmesg at mm/slub.c:5027\n\nsystemd commit a8b627a introduced automatic bumping of fs.nr_open to the\nmaximum possible value. The rationale was that systems with memory\ncontrol groups (memcg) no longer need separate file descriptor limits\nsince memory is properly accounted. However, this change overlooked\nthat:\n\n1. The kernel\u0027s allocation functions still enforce INT_MAX as a maximum\n size regardless of memcg accounting\n2. Programs and tests that legitimately test file descriptor limits can\n inadvertently trigger massive allocations\n3. The resulting allocations (\u003e8GB) are impractical and will always fail\n\nsystemd\u0027s algorithm starts with INT_MAX and keeps halving the value\nuntil the kernel accepts it. On most systems, this results in nr_open\nbeing set to 1073741816 (0x3ffffff8), which is just under 1GB of file\ndescriptors.\n\nWhile processes rarely use file descriptors near this limit in normal\noperation, certain selftests (like\ntools/testing/selftests/core/unshare_test.c) and programs that test file\ndescriptor limits can trigger this issue.\n\nFix this by adding a check in alloc_fdtable() to ensure the requested\nallocation size does not exceed INT_MAX. This causes the operation to\nfail with -EMFILE instead of triggering a kernel warning and avoids the\nimpractical \u003e8GB memory allocation request.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39756",
"url": "https://www.suse.com/security/cve/CVE-2025-39756"
},
{
"category": "external",
"summary": "SUSE Bug 1249512 for CVE-2025-39756",
"url": "https://bugzilla.suse.com/1249512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39756"
},
{
"cve": "CVE-2025-39794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: tegra: Use I/O memcpy to write to IRAM\n\nKasan crashes the kernel trying to check boundaries when using the\nnormal memcpy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39794",
"url": "https://www.suse.com/security/cve/CVE-2025-39794"
},
{
"category": "external",
"summary": "SUSE Bug 1249595 for CVE-2025-39794",
"url": "https://bugzilla.suse.com/1249595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39794"
},
{
"cve": "CVE-2025-39797",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39797"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: Duplicate SPI Handling\n\nThe issue originates when Strongswan initiates an XFRM_MSG_ALLOCSPI\nNetlink message, which triggers the kernel function xfrm_alloc_spi().\nThis function is expected to ensure uniqueness of the Security Parameter\nIndex (SPI) for inbound Security Associations (SAs). However, it can\nreturn success even when the requested SPI is already in use, leading\nto duplicate SPIs assigned to multiple inbound SAs, differentiated\nonly by their destination addresses.\n\nThis behavior causes inconsistencies during SPI lookups for inbound packets.\nSince the lookup may return an arbitrary SA among those with the same SPI,\npacket processing can fail, resulting in packet drops.\n\nAccording to RFC 4301 section 4.4.2 , for inbound processing a unicast SA\nis uniquely identified by the SPI and optionally protocol.\n\nReproducing the Issue Reliably:\nTo consistently reproduce the problem, restrict the available SPI range in\ncharon.conf : spi_min = 0x10000000 spi_max = 0x10000002\nThis limits the system to only 2 usable SPI values.\nNext, create more than 2 Child SA. each using unique pair of src/dst address.\nAs soon as the 3rd Child SA is initiated, it will be assigned a duplicate\nSPI, since the SPI pool is already exhausted.\nWith a narrow SPI range, the issue is consistently reproducible.\nWith a broader/default range, it becomes rare and unpredictable.\n\nCurrent implementation:\nxfrm_spi_hash() lookup function computes hash using daddr, proto, and family.\nSo if two SAs have the same SPI but different destination addresses, then\nthey will:\na. Hash into different buckets\nb. Be stored in different linked lists (byspi + h)\nc. Not be seen in the same hlist_for_each_entry_rcu() iteration.\nAs a result, the lookup will result in NULL and kernel allows that Duplicate SPI\n\nProposed Change:\nxfrm_state_lookup_spi_proto() does a truly global search - across all states,\nregardless of hash bucket and matches SPI and proto.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39797",
"url": "https://www.suse.com/security/cve/CVE-2025-39797"
},
{
"category": "external",
"summary": "SUSE Bug 1249608 for CVE-2025-39797",
"url": "https://bugzilla.suse.com/1249608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39797"
},
{
"cve": "CVE-2025-39812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: initialize more fields in sctp_v6_from_sk()\n\nsyzbot found that sin6_scope_id was not properly initialized,\nleading to undefined behavior.\n\nClear sin6_scope_id and sin6_flowinfo.\n\nBUG: KMSAN: uninit-value in __sctp_v6_cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649\n __sctp_v6_cmp_addr+0x887/0x8c0 net/sctp/ipv6.c:649\n sctp_inet6_cmp_addr+0x4f2/0x510 net/sctp/ipv6.c:983\n sctp_bind_addr_conflict+0x22a/0x3b0 net/sctp/bind_addr.c:390\n sctp_get_port_local+0x21eb/0x2440 net/sctp/socket.c:8452\n sctp_get_port net/sctp/socket.c:8523 [inline]\n sctp_listen_start net/sctp/socket.c:8567 [inline]\n sctp_inet_listen+0x710/0xfd0 net/sctp/socket.c:8636\n __sys_listen_socket net/socket.c:1912 [inline]\n __sys_listen net/socket.c:1927 [inline]\n __do_sys_listen net/socket.c:1932 [inline]\n __se_sys_listen net/socket.c:1930 [inline]\n __x64_sys_listen+0x343/0x4c0 net/socket.c:1930\n x64_sys_call+0x271d/0x3e20 arch/x86/include/generated/asm/syscalls_64.h:51\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xd9/0x210 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nLocal variable addr.i.i created at:\n sctp_get_port net/sctp/socket.c:8515 [inline]\n sctp_listen_start net/sctp/socket.c:8567 [inline]\n sctp_inet_listen+0x650/0xfd0 net/sctp/socket.c:8636\n __sys_listen_socket net/socket.c:1912 [inline]\n __sys_listen net/socket.c:1927 [inline]\n __do_sys_listen net/socket.c:1932 [inline]\n __se_sys_listen net/socket.c:1930 [inline]\n __x64_sys_listen+0x343/0x4c0 net/socket.c:1930",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39812",
"url": "https://www.suse.com/security/cve/CVE-2025-39812"
},
{
"category": "external",
"summary": "SUSE Bug 1250202 for CVE-2025-39812",
"url": "https://bugzilla.suse.com/1250202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39812"
},
{
"cve": "CVE-2025-39813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix potential warning in trace_printk_seq during ftrace_dump\n\nWhen calling ftrace_dump_one() concurrently with reading trace_pipe,\na WARN_ON_ONCE() in trace_printk_seq() can be triggered due to a race\ncondition.\n\nThe issue occurs because:\n\nCPU0 (ftrace_dump) CPU1 (reader)\necho z \u003e /proc/sysrq-trigger\n\n!trace_empty(\u0026iter)\ntrace_iterator_reset(\u0026iter) \u003c- len = size = 0\n cat /sys/kernel/tracing/trace_pipe\ntrace_find_next_entry_inc(\u0026iter)\n __find_next_entry\n ring_buffer_empty_cpu \u003c- all empty\n return NULL\n\ntrace_printk_seq(\u0026iter.seq)\n WARN_ON_ONCE(s-\u003eseq.len \u003e= s-\u003eseq.size)\n\nIn the context between trace_empty() and trace_find_next_entry_inc()\nduring ftrace_dump, the ring buffer data was consumed by other readers.\nThis caused trace_find_next_entry_inc to return NULL, failing to populate\n`iter.seq`. At this point, due to the prior trace_iterator_reset, both\n`iter.seq.len` and `iter.seq.size` were set to 0. Since they are equal,\nthe WARN_ON_ONCE condition is triggered.\n\nMove the trace_printk_seq() into the if block that checks to make sure the\nreturn value of trace_find_next_entry_inc() is non-NULL in\nftrace_dump_one(), ensuring the \u0027iter.seq\u0027 is properly populated before\nsubsequent operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39813",
"url": "https://www.suse.com/security/cve/CVE-2025-39813"
},
{
"category": "external",
"summary": "SUSE Bug 1250032 for CVE-2025-39813",
"url": "https://bugzilla.suse.com/1250032"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39813"
},
{
"cve": "CVE-2025-39841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix buffer free/clear order in deferred receive path\n\nFix a use-after-free window by correcting the buffer release sequence in\nthe deferred receive path. The code freed the RQ buffer first and only\nthen cleared the context pointer under the lock. Concurrent paths (e.g.,\nABTS and the repost path) also inspect and release the same pointer under\nthe lock, so the old order could lead to double-free/UAF.\n\nNote that the repost path already uses the correct pattern: detach the\npointer under the lock, then free it after dropping the lock. The\ndeferred path should do the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39841",
"url": "https://www.suse.com/security/cve/CVE-2025-39841"
},
{
"category": "external",
"summary": "SUSE Bug 1250274 for CVE-2025-39841",
"url": "https://bugzilla.suse.com/1250274"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39841"
},
{
"cve": "CVE-2025-39851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvxlan: Fix NPD when refreshing an FDB entry with a nexthop object\n\nVXLAN FDB entries can point to either a remote destination or an FDB\nnexthop group. The latter is usually used in EVPN deployments where\nlearning is disabled.\n\nHowever, when learning is enabled, an incoming packet might try to\nrefresh an FDB entry that points to an FDB nexthop group and therefore\ndoes not have a remote. Such packets should be dropped, but they are\nonly dropped after dereferencing the non-existent remote, resulting in a\nNPD [1] which can be reproduced using [2].\n\nFix by dropping such packets earlier. Remove the misleading comment from\nfirst_remote_rcu().\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\n[...]\nCPU: 13 UID: 0 PID: 361 Comm: mausezahn Not tainted 6.17.0-rc1-virtme-g9f6b606b6b37 #1 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.17.0-4.fc41 04/01/2014\nRIP: 0010:vxlan_snoop+0x98/0x1e0\n[...]\nCall Trace:\n \u003cTASK\u003e\n vxlan_encap_bypass+0x209/0x240\n encap_bypass_if_local+0xb1/0x100\n vxlan_xmit_one+0x1375/0x17e0\n vxlan_xmit+0x6b4/0x15f0\n dev_hard_start_xmit+0x5d/0x1c0\n __dev_queue_xmit+0x246/0xfd0\n packet_sendmsg+0x113a/0x1850\n __sock_sendmsg+0x38/0x70\n __sys_sendto+0x126/0x180\n __x64_sys_sendto+0x24/0x30\n do_syscall_64+0xa4/0x260\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\n[2]\n #!/bin/bash\n\n ip address add 192.0.2.1/32 dev lo\n ip address add 192.0.2.2/32 dev lo\n\n ip nexthop add id 1 via 192.0.2.3 fdb\n ip nexthop add id 10 group 1 fdb\n\n ip link add name vx0 up type vxlan id 10010 local 192.0.2.1 dstport 12345 localbypass\n ip link add name vx1 up type vxlan id 10020 local 192.0.2.2 dstport 54321 learning\n\n bridge fdb add 00:11:22:33:44:55 dev vx0 self static dst 192.0.2.2 port 54321 vni 10020\n bridge fdb add 00:aa:bb:cc:dd:ee dev vx1 self static nhid 10\n\n mausezahn vx0 -a 00:aa:bb:cc:dd:ee -b 00:11:22:33:44:55 -c 1 -q",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39851",
"url": "https://www.suse.com/security/cve/CVE-2025-39851"
},
{
"category": "external",
"summary": "SUSE Bug 1250296 for CVE-2025-39851",
"url": "https://bugzilla.suse.com/1250296"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39851"
},
{
"cve": "CVE-2025-39866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: writeback: fix use-after-free in __mark_inode_dirty()\n\nAn use-after-free issue occurred when __mark_inode_dirty() get the\nbdi_writeback that was in the progress of switching.\n\nCPU: 1 PID: 562 Comm: systemd-random- Not tainted 6.6.56-gb4403bd46a8e #1\n......\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : __mark_inode_dirty+0x124/0x418\nlr : __mark_inode_dirty+0x118/0x418\nsp : ffffffc08c9dbbc0\n........\nCall trace:\n __mark_inode_dirty+0x124/0x418\n generic_update_time+0x4c/0x60\n file_modified+0xcc/0xd0\n ext4_buffered_write_iter+0x58/0x124\n ext4_file_write_iter+0x54/0x704\n vfs_write+0x1c0/0x308\n ksys_write+0x74/0x10c\n __arm64_sys_write+0x1c/0x28\n invoke_syscall+0x48/0x114\n el0_svc_common.constprop.0+0xc0/0xe0\n do_el0_svc+0x1c/0x28\n el0_svc+0x40/0xe4\n el0t_64_sync_handler+0x120/0x12c\n el0t_64_sync+0x194/0x198\n\nRoot cause is:\n\nsystemd-random-seed kworker\n----------------------------------------------------------------------\n___mark_inode_dirty inode_switch_wbs_work_fn\n\n spin_lock(\u0026inode-\u003ei_lock);\n inode_attach_wb\n locked_inode_to_wb_and_lock_list\n get inode-\u003ei_wb\n spin_unlock(\u0026inode-\u003ei_lock);\n spin_lock(\u0026wb-\u003elist_lock)\n spin_lock(\u0026inode-\u003ei_lock)\n inode_io_list_move_locked\n spin_unlock(\u0026wb-\u003elist_lock)\n spin_unlock(\u0026inode-\u003ei_lock)\n spin_lock(\u0026old_wb-\u003elist_lock)\n inode_do_switch_wbs\n spin_lock(\u0026inode-\u003ei_lock)\n inode-\u003ei_wb = new_wb\n spin_unlock(\u0026inode-\u003ei_lock)\n spin_unlock(\u0026old_wb-\u003elist_lock)\n wb_put_many(old_wb, nr_switched)\n cgwb_release\n old wb released\n wb_wakeup_delayed() accesses wb,\n then trigger the use-after-free\n issue\n\nFix this race condition by holding inode spinlock until\nwb_wakeup_delayed() finished.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39866",
"url": "https://www.suse.com/security/cve/CVE-2025-39866"
},
{
"category": "external",
"summary": "SUSE Bug 1250455 for CVE-2025-39866",
"url": "https://bugzilla.suse.com/1250455"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39866"
},
{
"cve": "CVE-2025-39876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()\n\nThe function of_phy_find_device may return NULL, so we need to take\ncare before dereferencing phy_dev.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39876",
"url": "https://www.suse.com/security/cve/CVE-2025-39876"
},
{
"category": "external",
"summary": "SUSE Bug 1250400 for CVE-2025-39876",
"url": "https://bugzilla.suse.com/1250400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39876"
},
{
"cve": "CVE-2025-39881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkernfs: Fix UAF in polling when open file is released\n\nA use-after-free (UAF) vulnerability was identified in the PSI (Pressure\nStall Information) monitoring mechanism:\n\nBUG: KASAN: slab-use-after-free in psi_trigger_poll+0x3c/0x140\nRead of size 8 at addr ffff3de3d50bd308 by task systemd/1\n\npsi_trigger_poll+0x3c/0x140\ncgroup_pressure_poll+0x70/0xa0\ncgroup_file_poll+0x8c/0x100\nkernfs_fop_poll+0x11c/0x1c0\nep_item_poll.isra.0+0x188/0x2c0\n\nAllocated by task 1:\ncgroup_file_open+0x88/0x388\nkernfs_fop_open+0x73c/0xaf0\ndo_dentry_open+0x5fc/0x1200\nvfs_open+0xa0/0x3f0\ndo_open+0x7e8/0xd08\npath_openat+0x2fc/0x6b0\ndo_filp_open+0x174/0x368\n\nFreed by task 8462:\ncgroup_file_release+0x130/0x1f8\nkernfs_drain_open_files+0x17c/0x440\nkernfs_drain+0x2dc/0x360\nkernfs_show+0x1b8/0x288\ncgroup_file_show+0x150/0x268\ncgroup_pressure_write+0x1dc/0x340\ncgroup_file_write+0x274/0x548\n\nReproduction Steps:\n1. Open test/cpu.pressure and establish epoll monitoring\n2. Disable monitoring: echo 0 \u003e test/cgroup.pressure\n3. Re-enable monitoring: echo 1 \u003e test/cgroup.pressure\n\nThe race condition occurs because:\n1. When cgroup.pressure is disabled (echo 0 \u003e cgroup.pressure), it:\n - Releases PSI triggers via cgroup_file_release()\n - Frees of-\u003epriv through kernfs_drain_open_files()\n2. While epoll still holds reference to the file and continues polling\n3. Re-enabling (echo 1 \u003e cgroup.pressure) accesses freed of-\u003epriv\n\nepolling\t\t\tdisable/enable cgroup.pressure\nfd=open(cpu.pressure)\nwhile(1)\n...\nepoll_wait\nkernfs_fop_poll\nkernfs_get_active = true\techo 0 \u003e cgroup.pressure\n...\t\t\t\tcgroup_file_show\n\t\t\t\tkernfs_show\n\t\t\t\t// inactive kn\n\t\t\t\tkernfs_drain_open_files\n\t\t\t\tcft-\u003erelease(of);\n\t\t\t\tkfree(ctx);\n\t\t\t\t...\nkernfs_get_active = false\n\t\t\t\techo 1 \u003e cgroup.pressure\n\t\t\t\tkernfs_show\n\t\t\t\tkernfs_activate_one(kn);\nkernfs_fop_poll\nkernfs_get_active = true\ncgroup_file_poll\npsi_trigger_poll\n// UAF\n...\nend: close(fd)\n\nTo address this issue, introduce kernfs_get_active_of() for kernfs open\nfiles to obtain active references. This function will fail if the open file\nhas been released. Replace kernfs_get_active() with kernfs_get_active_of()\nto prevent further operations on released file descriptors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39881",
"url": "https://www.suse.com/security/cve/CVE-2025-39881"
},
{
"category": "external",
"summary": "SUSE Bug 1250379 for CVE-2025-39881",
"url": "https://bugzilla.suse.com/1250379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39881"
},
{
"cve": "CVE-2025-39895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsched: Fix sched_numa_find_nth_cpu() if mask offline\n\nsched_numa_find_nth_cpu() uses a bsearch to look for the \u0027closest\u0027\nCPU in sched_domains_numa_masks and given cpus mask. However they\nmight not intersect if all CPUs in the cpus mask are offline. bsearch\nwill return NULL in that case, bail out instead of dereferencing a\nbogus pointer.\n\nThe previous behaviour lead to this bug when using maxcpus=4 on an\nrk3399 (LLLLbb) (i.e. booting with all big CPUs offline):\n\n[ 1.422922] Unable to handle kernel paging request at virtual address ffffff8000000000\n[ 1.423635] Mem abort info:\n[ 1.423889] ESR = 0x0000000096000006\n[ 1.424227] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 1.424715] SET = 0, FnV = 0\n[ 1.424995] EA = 0, S1PTW = 0\n[ 1.425279] FSC = 0x06: level 2 translation fault\n[ 1.425735] Data abort info:\n[ 1.425998] ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n[ 1.426499] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 1.426952] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 1.427428] swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000004a9f000\n[ 1.428038] [ffffff8000000000] pgd=18000000f7fff403, p4d=18000000f7fff403, pud=18000000f7fff403, pmd=0000000000000000\n[ 1.429014] Internal error: Oops: 0000000096000006 [#1] SMP\n[ 1.429525] Modules linked in:\n[ 1.429813] CPU: 3 UID: 0 PID: 1 Comm: swapper/0 Not tainted 6.17.0-rc4-dirty #343 PREEMPT\n[ 1.430559] Hardware name: Pine64 RockPro64 v2.1 (DT)\n[ 1.431012] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 1.431634] pc : sched_numa_find_nth_cpu+0x2a0/0x488\n[ 1.432094] lr : sched_numa_find_nth_cpu+0x284/0x488\n[ 1.432543] sp : ffffffc084e1b960\n[ 1.432843] x29: ffffffc084e1b960 x28: ffffff80078a8800 x27: ffffffc0846eb1d0\n[ 1.433495] x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n[ 1.434144] x23: 0000000000000000 x22: fffffffffff7f093 x21: ffffffc081de6378\n[ 1.434792] x20: 0000000000000000 x19: 0000000ffff7f093 x18: 00000000ffffffff\n[ 1.435441] x17: 3030303866666666 x16: 66663d736b73616d x15: ffffffc104e1b5b7\n[ 1.436091] x14: 0000000000000000 x13: ffffffc084712860 x12: 0000000000000372\n[ 1.436739] x11: 0000000000000126 x10: ffffffc08476a860 x9 : ffffffc084712860\n[ 1.437389] x8 : 00000000ffffefff x7 : ffffffc08476a860 x6 : 0000000000000000\n[ 1.438036] x5 : 000000000000bff4 x4 : 0000000000000000 x3 : 0000000000000000\n[ 1.438683] x2 : 0000000000000000 x1 : ffffffc0846eb000 x0 : ffffff8000407b68\n[ 1.439332] Call trace:\n[ 1.439559] sched_numa_find_nth_cpu+0x2a0/0x488 (P)\n[ 1.440016] smp_call_function_any+0xc8/0xd0\n[ 1.440416] armv8_pmu_init+0x58/0x27c\n[ 1.440770] armv8_cortex_a72_pmu_init+0x20/0x2c\n[ 1.441199] arm_pmu_device_probe+0x1e4/0x5e8\n[ 1.441603] armv8_pmu_device_probe+0x1c/0x28\n[ 1.442007] platform_probe+0x5c/0xac\n[ 1.442347] really_probe+0xbc/0x298\n[ 1.442683] __driver_probe_device+0x78/0x12c\n[ 1.443087] driver_probe_device+0xdc/0x160\n[ 1.443475] __driver_attach+0x94/0x19c\n[ 1.443833] bus_for_each_dev+0x74/0xd4\n[ 1.444190] driver_attach+0x24/0x30\n[ 1.444525] bus_add_driver+0xe4/0x208\n[ 1.444874] driver_register+0x60/0x128\n[ 1.445233] __platform_driver_register+0x24/0x30\n[ 1.445662] armv8_pmu_driver_init+0x28/0x4c\n[ 1.446059] do_one_initcall+0x44/0x25c\n[ 1.446416] kernel_init_freeable+0x1dc/0x3bc\n[ 1.446820] kernel_init+0x20/0x1d8\n[ 1.447151] ret_from_fork+0x10/0x20\n[ 1.447493] Code: 90022e21 f000e5f5 910de2b5 2a1703e2 (f8767803)\n[ 1.448040] ---[ end trace 0000000000000000 ]---\n[ 1.448483] note: swapper/0[1] exited with preempt_count 1\n[ 1.449047] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000000b\n[ 1.449741] SMP: stopping secondary CPUs\n[ 1.450105] Kernel Offset: disabled\n[ 1.450419] CPU features: 0x000000,00080000,20002001,0400421b\n[ \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39895",
"url": "https://www.suse.com/security/cve/CVE-2025-39895"
},
{
"category": "external",
"summary": "SUSE Bug 1250721 for CVE-2025-39895",
"url": "https://bugzilla.suse.com/1250721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39895"
},
{
"cve": "CVE-2025-39902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39902"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slub: avoid accessing metadata when pointer is invalid in object_err()\n\nobject_err() reports details of an object for further debugging, such as\nthe freelist pointer, redzone, etc. However, if the pointer is invalid,\nattempting to access object metadata can lead to a crash since it does\nnot point to a valid object.\n\nOne known path to the crash is when alloc_consistency_checks()\ndetermines the pointer to the allocated object is invalid because of a\nfreelist corruption, and calls object_err() to report it. The debug code\nshould report and handle the corruption gracefully and not crash in the\nprocess.\n\nIn case the pointer is NULL or check_valid_pointer() returns false for\nthe pointer, only print the pointer value and skip accessing metadata.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39902",
"url": "https://www.suse.com/security/cve/CVE-2025-39902"
},
{
"category": "external",
"summary": "SUSE Bug 1250702 for CVE-2025-39902",
"url": "https://bugzilla.suse.com/1250702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39902"
},
{
"cve": "CVE-2025-39911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path\n\nIf request_irq() in i40e_vsi_request_irq_msix() fails in an iteration\nlater than the first, the error path wants to free the IRQs requested\nso far. However, it uses the wrong dev_id argument for free_irq(), so\nit does not free the IRQs correctly and instead triggers the warning:\n\n Trying to free already-free IRQ 173\n WARNING: CPU: 25 PID: 1091 at kernel/irq/manage.c:1829 __free_irq+0x192/0x2c0\n Modules linked in: i40e(+) [...]\n CPU: 25 UID: 0 PID: 1091 Comm: NetworkManager Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)\n Hardware name: [...]\n RIP: 0010:__free_irq+0x192/0x2c0\n [...]\n Call Trace:\n \u003cTASK\u003e\n free_irq+0x32/0x70\n i40e_vsi_request_irq_msix.cold+0x63/0x8b [i40e]\n i40e_vsi_request_irq+0x79/0x80 [i40e]\n i40e_vsi_open+0x21f/0x2f0 [i40e]\n i40e_open+0x63/0x130 [i40e]\n __dev_open+0xfc/0x210\n __dev_change_flags+0x1fc/0x240\n netif_change_flags+0x27/0x70\n do_setlink.isra.0+0x341/0xc70\n rtnl_newlink+0x468/0x860\n rtnetlink_rcv_msg+0x375/0x450\n netlink_rcv_skb+0x5c/0x110\n netlink_unicast+0x288/0x3c0\n netlink_sendmsg+0x20d/0x430\n ____sys_sendmsg+0x3a2/0x3d0\n ___sys_sendmsg+0x99/0xe0\n __sys_sendmsg+0x8a/0xf0\n do_syscall_64+0x82/0x2c0\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n \u003c/TASK\u003e\n ---[ end trace 0000000000000000 ]---\n\nUse the same dev_id for free_irq() as for request_irq().\n\nI tested this with inserting code to fail intentionally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39911",
"url": "https://www.suse.com/security/cve/CVE-2025-39911"
},
{
"category": "external",
"summary": "SUSE Bug 1250704 for CVE-2025-39911",
"url": "https://bugzilla.suse.com/1250704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39911"
},
{
"cve": "CVE-2025-39931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: af_alg - Set merge to zero early in af_alg_sendmsg\n\nIf an error causes af_alg_sendmsg to abort, ctx-\u003emerge may contain\na garbage value from the previous loop. This may then trigger a\ncrash on the next entry into af_alg_sendmsg when it attempts to do\na merge that can\u0027t be done.\n\nFix this by setting ctx-\u003emerge to zero near the start of the loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39931",
"url": "https://www.suse.com/security/cve/CVE-2025-39931"
},
{
"category": "external",
"summary": "SUSE Bug 1251100 for CVE-2025-39931",
"url": "https://bugzilla.suse.com/1251100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39931"
},
{
"cve": "CVE-2025-39934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: anx7625: Fix NULL pointer dereference with early IRQ\n\nIf the interrupt occurs before resource initialization is complete, the\ninterrupt handler/worker may access uninitialized data such as the I2C\ntcpc_client device, potentially leading to NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39934",
"url": "https://www.suse.com/security/cve/CVE-2025-39934"
},
{
"category": "external",
"summary": "SUSE Bug 1251146 for CVE-2025-39934",
"url": "https://bugzilla.suse.com/1251146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39934"
},
{
"cve": "CVE-2025-39937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer\n\nSince commit 7d5e9737efda (\"net: rfkill: gpio: get the name and type from\ndevice property\") rfkill_find_type() gets called with the possibly\nuninitialized \"const char *type_name;\" local variable.\n\nOn x86 systems when rfkill-gpio binds to a \"BCM4752\" or \"LNV4752\"\nacpi_device, the rfkill-\u003etype is set based on the ACPI acpi_device_id:\n\n rfkill-\u003etype = (unsigned)id-\u003edriver_data;\n\nand there is no \"type\" property so device_property_read_string() will fail\nand leave type_name uninitialized, leading to a potential crash.\n\nrfkill_find_type() does accept a NULL pointer, fix the potential crash\nby initializing type_name to NULL.\n\nNote likely sofar this has not been caught because:\n\n1. Not many x86 machines actually have a \"BCM4752\"/\"LNV4752\" acpi_device\n2. The stack happened to contain NULL where type_name is stored",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39937",
"url": "https://www.suse.com/security/cve/CVE-2025-39937"
},
{
"category": "external",
"summary": "SUSE Bug 1251143 for CVE-2025-39937",
"url": "https://bugzilla.suse.com/1251143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39937"
},
{
"cve": "CVE-2025-39938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: q6apm-lpass-dais: Fix NULL pointer dereference if source graph failed\n\nIf earlier opening of source graph fails (e.g. ADSP rejects due to\nincorrect audioreach topology), the graph is closed and\n\"dai_data-\u003egraph[dai-\u003eid]\" is assigned NULL. Preparing the DAI for sink\ngraph continues though and next call to q6apm_lpass_dai_prepare()\nreceives dai_data-\u003egraph[dai-\u003eid]=NULL leading to NULL pointer\nexception:\n\n qcom-apm gprsvc:service:2:1: Error (1) Processing 0x01001002 cmd\n qcom-apm gprsvc:service:2:1: DSP returned error[1001002] 1\n q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: fail to start APM port 78\n q6apm-lpass-dais 30000000.remoteproc:glink-edge:gpr:service@1:bedais: ASoC: error at snd_soc_pcm_dai_prepare on TX_CODEC_DMA_TX_3: -22\n Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a8\n ...\n Call trace:\n q6apm_graph_media_format_pcm+0x48/0x120 (P)\n q6apm_lpass_dai_prepare+0x110/0x1b4\n snd_soc_pcm_dai_prepare+0x74/0x108\n __soc_pcm_prepare+0x44/0x160\n dpcm_be_dai_prepare+0x124/0x1c0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39938",
"url": "https://www.suse.com/security/cve/CVE-2025-39938"
},
{
"category": "external",
"summary": "SUSE Bug 1251134 for CVE-2025-39938",
"url": "https://bugzilla.suse.com/1251134"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39938"
},
{
"cve": "CVE-2025-39945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncnic: Fix use-after-free bugs in cnic_delete_task\n\nThe original code uses cancel_delayed_work() in cnic_cm_stop_bnx2x_hw(),\nwhich does not guarantee that the delayed work item \u0027delete_task\u0027 has\nfully completed if it was already running. Additionally, the delayed work\nitem is cyclic, the flush_workqueue() in cnic_cm_stop_bnx2x_hw() only\nblocks and waits for work items that were already queued to the\nworkqueue prior to its invocation. Any work items submitted after\nflush_workqueue() is called are not included in the set of tasks that the\nflush operation awaits. This means that after the cyclic work items have\nfinished executing, a delayed work item may still exist in the workqueue.\nThis leads to use-after-free scenarios where the cnic_dev is deallocated\nby cnic_free_dev(), while delete_task remains active and attempt to\ndereference cnic_dev in cnic_delete_task().\n\nA typical race condition is illustrated below:\n\nCPU 0 (cleanup) | CPU 1 (delayed work callback)\ncnic_netdev_event() |\n cnic_stop_hw() | cnic_delete_task()\n cnic_cm_stop_bnx2x_hw() | ...\n cancel_delayed_work() | /* the queue_delayed_work()\n flush_workqueue() | executes after flush_workqueue()*/\n | queue_delayed_work()\n cnic_free_dev(dev)//free | cnic_delete_task() //new instance\n | dev = cp-\u003edev; //use\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the cyclic delayed work item is properly canceled and that any\nongoing execution of the work item completes before the cnic_dev is\ndeallocated. Furthermore, since cancel_delayed_work_sync() uses\n__flush_work(work, true) to synchronously wait for any currently\nexecuting instance of the work item to finish, the flush_workqueue()\nbecomes redundant and should be removed.\n\nThis bug was identified through static analysis. To reproduce the issue\nand validate the fix, I simulated the cnic PCI device in QEMU and\nintroduced intentional delays - such as inserting calls to ssleep()\nwithin the cnic_delete_task() function - to increase the likelihood\nof triggering the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39945",
"url": "https://www.suse.com/security/cve/CVE-2025-39945"
},
{
"category": "external",
"summary": "SUSE Bug 1251230 for CVE-2025-39945",
"url": "https://bugzilla.suse.com/1251230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39945"
},
{
"cve": "CVE-2025-39946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: make sure to abort the stream if headers are bogus\n\nNormally we wait for the socket to buffer up the whole record\nbefore we service it. If the socket has a tiny buffer, however,\nwe read out the data sooner, to prevent connection stalls.\nMake sure that we abort the connection when we find out late\nthat the record is actually invalid. Retrying the parsing is\nfine in itself but since we copy some more data each time\nbefore we parse we can overflow the allocated skb space.\n\nConstructing a scenario in which we\u0027re under pressure without\nenough data in the socket to parse the length upfront is quite\nhard. syzbot figured out a way to do this by serving us the header\nin small OOB sends, and then filling in the recvbuf with a large\nnormal send.\n\nMake sure that tls_rx_msg_size() aborts strp, if we reach\nan invalid record there\u0027s really no way to recover.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39946",
"url": "https://www.suse.com/security/cve/CVE-2025-39946"
},
{
"category": "external",
"summary": "SUSE Bug 1251114 for CVE-2025-39946",
"url": "https://bugzilla.suse.com/1251114"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39946"
},
{
"cve": "CVE-2025-39947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Harden uplink netdev access against device unbind\n\nThe function mlx5_uplink_netdev_get() gets the uplink netdevice\npointer from mdev-\u003emlx5e_res.uplink_netdev. However, the netdevice can\nbe removed and its pointer cleared when unbound from the mlx5_core.eth\ndriver. This results in a NULL pointer, causing a kernel panic.\n\n BUG: unable to handle page fault for address: 0000000000001300\n at RIP: 0010:mlx5e_vport_rep_load+0x22a/0x270 [mlx5_core]\n Call Trace:\n \u003cTASK\u003e\n mlx5_esw_offloads_rep_load+0x68/0xe0 [mlx5_core]\n esw_offloads_enable+0x593/0x910 [mlx5_core]\n mlx5_eswitch_enable_locked+0x341/0x420 [mlx5_core]\n mlx5_devlink_eswitch_mode_set+0x17e/0x3a0 [mlx5_core]\n devlink_nl_eswitch_set_doit+0x60/0xd0\n genl_family_rcv_msg_doit+0xe0/0x130\n genl_rcv_msg+0x183/0x290\n netlink_rcv_skb+0x4b/0xf0\n genl_rcv+0x24/0x40\n netlink_unicast+0x255/0x380\n netlink_sendmsg+0x1f3/0x420\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x119/0x180\n do_syscall_64+0x53/0x1d0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n\nEnsure the pointer is valid before use by checking it for NULL. If it\nis valid, immediately call netdev_hold() to take a reference, and\npreventing the netdevice from being freed while it is in use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39947",
"url": "https://www.suse.com/security/cve/CVE-2025-39947"
},
{
"category": "external",
"summary": "SUSE Bug 1251232 for CVE-2025-39947",
"url": "https://bugzilla.suse.com/1251232"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39947"
},
{
"cve": "CVE-2025-39948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix Rx page leak on multi-buffer frames\n\nThe ice_put_rx_mbuf() function handles calling ice_put_rx_buf() for each\nbuffer in the current frame. This function was introduced as part of\nhandling multi-buffer XDP support in the ice driver.\n\nIt works by iterating over the buffers from first_desc up to 1 plus the\ntotal number of fragments in the frame, cached from before the XDP program\nwas executed.\n\nIf the hardware posts a descriptor with a size of 0, the logic used in\nice_put_rx_mbuf() breaks. Such descriptors get skipped and don\u0027t get added\nas fragments in ice_add_xdp_frag. Since the buffer isn\u0027t counted as a\nfragment, we do not iterate over it in ice_put_rx_mbuf(), and thus we don\u0027t\ncall ice_put_rx_buf().\n\nBecause we don\u0027t call ice_put_rx_buf(), we don\u0027t attempt to re-use the\npage or free it. This leaves a stale page in the ring, as we don\u0027t\nincrement next_to_alloc.\n\nThe ice_reuse_rx_page() assumes that the next_to_alloc has been incremented\nproperly, and that it always points to a buffer with a NULL page. Since\nthis function doesn\u0027t check, it will happily recycle a page over the top\nof the next_to_alloc buffer, losing track of the old page.\n\nNote that this leak only occurs for multi-buffer frames. The\nice_put_rx_mbuf() function always handles at least one buffer, so a\nsingle-buffer frame will always get handled correctly. It is not clear\nprecisely why the hardware hands us descriptors with a size of 0 sometimes,\nbut it happens somewhat regularly with \"jumbo frames\" used by 9K MTU.\n\nTo fix ice_put_rx_mbuf(), we need to make sure to call ice_put_rx_buf() on\nall buffers between first_desc and next_to_clean. Borrow the logic of a\nsimilar function in i40e used for this same purpose. Use the same logic\nalso in ice_get_pgcnts().\n\nInstead of iterating over just the number of fragments, use a loop which\niterates until the current index reaches to the next_to_clean element just\npast the current frame. Unlike i40e, the ice_put_rx_mbuf() function does\ncall ice_put_rx_buf() on the last buffer of the frame indicating the end of\npacket.\n\nFor non-linear (multi-buffer) frames, we need to take care when adjusting\nthe pagecnt_bias. An XDP program might release fragments from the tail of\nthe frame, in which case that fragment page is already released. Only\nupdate the pagecnt_bias for the first descriptor and fragments still\nremaining post-XDP program. Take care to only access the shared info for\nfragmented buffers, as this avoids a significant cache miss.\n\nThe xdp_xmit value only needs to be updated if an XDP program is run, and\nonly once per packet. Drop the xdp_xmit pointer argument from\nice_put_rx_mbuf(). Instead, set xdp_xmit in the ice_clean_rx_irq() function\ndirectly. This avoids needing to pass the argument and avoids an extra\nbit-wise OR for each buffer in the frame.\n\nMove the increment of the ntc local variable to ensure its updated *before*\nall calls to ice_get_pgcnts() or ice_put_rx_mbuf(), as the loop logic\nrequires the index of the element just after the current frame.\n\nNow that we use an index pointer in the ring to identify the packet, we no\nlonger need to track or cache the number of fragments in the rx_ring.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39948",
"url": "https://www.suse.com/security/cve/CVE-2025-39948"
},
{
"category": "external",
"summary": "SUSE Bug 1251233 for CVE-2025-39948",
"url": "https://bugzilla.suse.com/1251233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39948"
},
{
"cve": "CVE-2025-39949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqed: Don\u0027t collect too many protection override GRC elements\n\nIn the protection override dump path, the firmware can return far too\nmany GRC elements, resulting in attempting to write past the end of the\npreviously-kmalloc\u0027ed dump buffer.\n\nThis will result in a kernel panic with reason:\n\n BUG: unable to handle kernel paging request at ADDRESS\n\nwhere \"ADDRESS\" is just past the end of the protection override dump\nbuffer. The start address of the buffer is:\n p_hwfn-\u003ecdev-\u003edbg_features[DBG_FEATURE_PROTECTION_OVERRIDE].dump_buf\nand the size of the buffer is buf_size in the same data structure.\n\nThe panic can be arrived at from either the qede Ethernet driver path:\n\n [exception RIP: qed_grc_dump_addr_range+0x108]\n qed_protection_override_dump at ffffffffc02662ed [qed]\n qed_dbg_protection_override_dump at ffffffffc0267792 [qed]\n qed_dbg_feature at ffffffffc026aa8f [qed]\n qed_dbg_all_data at ffffffffc026b211 [qed]\n qed_fw_fatal_reporter_dump at ffffffffc027298a [qed]\n devlink_health_do_dump at ffffffff82497f61\n devlink_health_report at ffffffff8249cf29\n qed_report_fatal_error at ffffffffc0272baf [qed]\n qede_sp_task at ffffffffc045ed32 [qede]\n process_one_work at ffffffff81d19783\n\nor the qedf storage driver path:\n\n [exception RIP: qed_grc_dump_addr_range+0x108]\n qed_protection_override_dump at ffffffffc068b2ed [qed]\n qed_dbg_protection_override_dump at ffffffffc068c792 [qed]\n qed_dbg_feature at ffffffffc068fa8f [qed]\n qed_dbg_all_data at ffffffffc0690211 [qed]\n qed_fw_fatal_reporter_dump at ffffffffc069798a [qed]\n devlink_health_do_dump at ffffffff8aa95e51\n devlink_health_report at ffffffff8aa9ae19\n qed_report_fatal_error at ffffffffc0697baf [qed]\n qed_hw_err_notify at ffffffffc06d32d7 [qed]\n qed_spq_post at ffffffffc06b1011 [qed]\n qed_fcoe_destroy_conn at ffffffffc06b2e91 [qed]\n qedf_cleanup_fcport at ffffffffc05e7597 [qedf]\n qedf_rport_event_handler at ffffffffc05e7bf7 [qedf]\n fc_rport_work at ffffffffc02da715 [libfc]\n process_one_work at ffffffff8a319663\n\nResolve this by clamping the firmware\u0027s return value to the maximum\nnumber of legal elements the firmware should return.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39949",
"url": "https://www.suse.com/security/cve/CVE-2025-39949"
},
{
"category": "external",
"summary": "SUSE Bug 1251177 for CVE-2025-39949",
"url": "https://bugzilla.suse.com/1251177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39949"
},
{
"cve": "CVE-2025-39952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: avoid buffer overflow in WID string configuration\n\nFix the following copy overflow warning identified by Smatch checker.\n\n drivers/net/wireless/microchip/wilc1000/wlan_cfg.c:184 wilc_wlan_parse_response_frame()\n error: \u0027__memcpy()\u0027 \u0027cfg-\u003es[i]-\u003estr\u0027 copy overflow (512 vs 65537)\n\nThis patch introduces size check before accessing the memory buffer.\nThe checks are base on the WID type of received data from the firmware.\nFor WID string configuration, the size limit is determined by individual\nelement size in \u0027struct wilc_cfg_str_vals\u0027 that is maintained in \u0027len\u0027 field\nof \u0027struct wilc_cfg_str\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39952",
"url": "https://www.suse.com/security/cve/CVE-2025-39952"
},
{
"category": "external",
"summary": "SUSE Bug 1251216 for CVE-2025-39952",
"url": "https://bugzilla.suse.com/1251216"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39952"
},
{
"cve": "CVE-2025-39955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Clear tcp_sk(sk)-\u003efastopen_rsk in tcp_disconnect().\n\nsyzbot reported the splat below where a socket had tcp_sk(sk)-\u003efastopen_rsk\nin the TCP_ESTABLISHED state. [0]\n\nsyzbot reused the server-side TCP Fast Open socket as a new client before\nthe TFO socket completes 3WHS:\n\n 1. accept()\n 2. connect(AF_UNSPEC)\n 3. connect() to another destination\n\nAs of accept(), sk-\u003esk_state is TCP_SYN_RECV, and tcp_disconnect() changes\nit to TCP_CLOSE and makes connect() possible, which restarts timers.\n\nSince tcp_disconnect() forgot to clear tcp_sk(sk)-\u003efastopen_rsk, the\nretransmit timer triggered the warning and the intended packet was not\nretransmitted.\n\nLet\u0027s call reqsk_fastopen_remove() in tcp_disconnect().\n\n[0]:\nWARNING: CPU: 2 PID: 0 at net/ipv4/tcp_timer.c:542 tcp_retransmit_timer (net/ipv4/tcp_timer.c:542 (discriminator 7))\nModules linked in:\nCPU: 2 UID: 0 PID: 0 Comm: swapper/2 Not tainted 6.17.0-rc5-g201825fb4278 #62 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nRIP: 0010:tcp_retransmit_timer (net/ipv4/tcp_timer.c:542 (discriminator 7))\nCode: 41 55 41 54 55 53 48 8b af b8 08 00 00 48 89 fb 48 85 ed 0f 84 55 01 00 00 0f b6 47 12 3c 03 74 0c 0f b6 47 12 3c 04 74 04 90 \u003c0f\u003e 0b 90 48 8b 85 c0 00 00 00 48 89 ef 48 8b 40 30 e8 6a 4f 06 3e\nRSP: 0018:ffffc900002f8d40 EFLAGS: 00010293\nRAX: 0000000000000002 RBX: ffff888106911400 RCX: 0000000000000017\nRDX: 0000000002517619 RSI: ffffffff83764080 RDI: ffff888106911400\nRBP: ffff888106d5c000 R08: 0000000000000001 R09: ffffc900002f8de8\nR10: 00000000000000c2 R11: ffffc900002f8ff8 R12: ffff888106911540\nR13: ffff888106911480 R14: ffff888106911840 R15: ffffc900002f8de0\nFS: 0000000000000000(0000) GS:ffff88907b768000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8044d69d90 CR3: 0000000002c30003 CR4: 0000000000370ef0\nCall Trace:\n \u003cIRQ\u003e\n tcp_write_timer (net/ipv4/tcp_timer.c:738)\n call_timer_fn (kernel/time/timer.c:1747)\n __run_timers (kernel/time/timer.c:1799 kernel/time/timer.c:2372)\n timer_expire_remote (kernel/time/timer.c:2385 kernel/time/timer.c:2376 kernel/time/timer.c:2135)\n tmigr_handle_remote_up (kernel/time/timer_migration.c:944 kernel/time/timer_migration.c:1035)\n __walk_groups.isra.0 (kernel/time/timer_migration.c:533 (discriminator 1))\n tmigr_handle_remote (kernel/time/timer_migration.c:1096)\n handle_softirqs (./arch/x86/include/asm/jump_label.h:36 ./include/trace/events/irq.h:142 kernel/softirq.c:580)\n irq_exit_rcu (kernel/softirq.c:614 kernel/softirq.c:453 kernel/softirq.c:680 kernel/softirq.c:696)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1050 (discriminator 35) arch/x86/kernel/apic/apic.c:1050 (discriminator 35))\n \u003c/IRQ\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39955",
"url": "https://www.suse.com/security/cve/CVE-2025-39955"
},
{
"category": "external",
"summary": "SUSE Bug 1251804 for CVE-2025-39955",
"url": "https://bugzilla.suse.com/1251804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39955"
},
{
"cve": "CVE-2025-39957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: increase scan_ies_len for S1G\n\nCurrently the S1G capability element is not taken into account\nfor the scan_ies_len, which leads to a buffer length validation\nfailure in ieee80211_prep_hw_scan() and subsequent WARN in\n__ieee80211_start_scan(). This prevents hw scanning from functioning.\nTo fix ensure we accommodate for the S1G capability length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39957",
"url": "https://www.suse.com/security/cve/CVE-2025-39957"
},
{
"category": "external",
"summary": "SUSE Bug 1251810 for CVE-2025-39957",
"url": "https://bugzilla.suse.com/1251810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2025-39957"
},
{
"cve": "CVE-2025-39965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: xfrm_alloc_spi shouldn\u0027t use 0 as SPI\n\nx-\u003eid.spi == 0 means \"no SPI assigned\", but since commit\n94f39804d891 (\"xfrm: Duplicate SPI Handling\"), we now create states\nand add them to the byspi list with this value.\n\n__xfrm_state_delete doesn\u0027t remove those states from the byspi list,\nsince they shouldn\u0027t be there, and this shows up as a UAF the next\ntime we go through the byspi list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39965",
"url": "https://www.suse.com/security/cve/CVE-2025-39965"
},
{
"category": "external",
"summary": "SUSE Bug 1251967 for CVE-2025-39965",
"url": "https://bugzilla.suse.com/1251967"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39965"
},
{
"cve": "CVE-2025-39967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbcon: fix integer overflow in fbcon_do_set_font\n\nFix integer overflow vulnerabilities in fbcon_do_set_font() where font\nsize calculations could overflow when handling user-controlled font\nparameters.\n\nThe vulnerabilities occur when:\n1. CALC_FONTSZ(h, pitch, charcount) performs h * pith * charcount\n multiplication with user-controlled values that can overflow.\n2. FONT_EXTRA_WORDS * sizeof(int) + size addition can also overflow\n3. This results in smaller allocations than expected, leading to buffer\n overflows during font data copying.\n\nAdd explicit overflow checking using check_mul_overflow() and\ncheck_add_overflow() kernel helpers to safety validate all size\ncalculations before allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39967",
"url": "https://www.suse.com/security/cve/CVE-2025-39967"
},
{
"category": "external",
"summary": "SUSE Bug 1252033 for CVE-2025-39967",
"url": "https://bugzilla.suse.com/1252033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39967"
},
{
"cve": "CVE-2025-39968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: add max boundary check for VF filters\n\nThere is no check for max filters that VF can request. Add it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39968",
"url": "https://www.suse.com/security/cve/CVE-2025-39968"
},
{
"category": "external",
"summary": "SUSE Bug 1252047 for CVE-2025-39968",
"url": "https://bugzilla.suse.com/1252047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2025-39968"
},
{
"cve": "CVE-2025-39969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix validation of VF state in get resources\n\nVF state I40E_VF_STATE_ACTIVE is not the only state in which\nVF is actually active so it should not be used to determine\nif a VF is allowed to obtain resources.\n\nUse I40E_VF_STATE_RESOURCES_LOADED that is set only in\ni40e_vc_get_vf_resources_msg() and cleared during reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39969",
"url": "https://www.suse.com/security/cve/CVE-2025-39969"
},
{
"category": "external",
"summary": "SUSE Bug 1252044 for CVE-2025-39969",
"url": "https://bugzilla.suse.com/1252044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39969"
},
{
"cve": "CVE-2025-39970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix input validation logic for action_meta\n\nFix condition to check \u0027greater or equal\u0027 to prevent OOB dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39970",
"url": "https://www.suse.com/security/cve/CVE-2025-39970"
},
{
"category": "external",
"summary": "SUSE Bug 1252051 for CVE-2025-39970",
"url": "https://bugzilla.suse.com/1252051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39970"
},
{
"cve": "CVE-2025-39971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix idx validation in config queues msg\n\nEnsure idx is within range of active/initialized TCs when iterating over\nvf-\u003ech[idx] in i40e_vc_config_queues_msg().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39971",
"url": "https://www.suse.com/security/cve/CVE-2025-39971"
},
{
"category": "external",
"summary": "SUSE Bug 1252052 for CVE-2025-39971",
"url": "https://bugzilla.suse.com/1252052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39971"
},
{
"cve": "CVE-2025-39972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix idx validation in i40e_validate_queue_map\n\nEnsure idx is within range of active/initialized TCs when iterating over\nvf-\u003ech[idx] in i40e_validate_queue_map().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39972",
"url": "https://www.suse.com/security/cve/CVE-2025-39972"
},
{
"category": "external",
"summary": "SUSE Bug 1252039 for CVE-2025-39972",
"url": "https://bugzilla.suse.com/1252039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39972"
},
{
"cve": "CVE-2025-39973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: add validation for ring_len param\n\nThe `ring_len` parameter provided by the virtual function (VF)\nis assigned directly to the hardware memory context (HMC) without\nany validation.\n\nTo address this, introduce an upper boundary check for both Tx and Rx\nqueue lengths. The maximum number of descriptors supported by the\nhardware is 8k-32.\nAdditionally, enforce alignment constraints: Tx rings must be a multiple\nof 8, and Rx rings must be a multiple of 32.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39973",
"url": "https://www.suse.com/security/cve/CVE-2025-39973"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-39973",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1252035 for CVE-2025-39973",
"url": "https://bugzilla.suse.com/1252035"
},
{
"category": "external",
"summary": "SUSE Bug 1252036 for CVE-2025-39973",
"url": "https://bugzilla.suse.com/1252036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2025-39973"
},
{
"cve": "CVE-2025-39978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix potential use after free in otx2_tc_add_flow()\n\nThis code calls kfree_rcu(new_node, rcu) and then dereferences \"new_node\"\nand then dereferences it on the next line. Two lines later, we take\na mutex so I don\u0027t think this is an RCU safe region. Re-order it to do\nthe dereferences before queuing up the free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39978",
"url": "https://www.suse.com/security/cve/CVE-2025-39978"
},
{
"category": "external",
"summary": "SUSE Bug 1252069 for CVE-2025-39978",
"url": "https://bugzilla.suse.com/1252069"
},
{
"category": "external",
"summary": "SUSE Bug 1252071 for CVE-2025-39978",
"url": "https://bugzilla.suse.com/1252071"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2025-39978"
},
{
"cve": "CVE-2025-39981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix possible UAFs\n\nThis attemps to fix possible UAFs caused by struct mgmt_pending being\nfreed while still being processed like in the following trace, in order\nto fix mgmt_pending_valid is introduce and use to check if the\nmgmt_pending hasn\u0027t been removed from the pending list, on the complete\ncallbacks it is used to check and in addtion remove the cmd from the list\nwhile holding mgmt_pending_lock to avoid TOCTOU problems since if the cmd\nis left on the list it can still be accessed and freed.\n\nBUG: KASAN: slab-use-after-free in mgmt_add_adv_patterns_monitor_sync+0x35/0x50 net/bluetooth/mgmt.c:5223\nRead of size 8 at addr ffff8880709d4dc0 by task kworker/u11:0/55\n\nCPU: 0 UID: 0 PID: 55 Comm: kworker/u11:0 Not tainted 6.16.4 #2 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nWorkqueue: hci0 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x240 mm/kasan/report.c:482\n kasan_report+0x118/0x150 mm/kasan/report.c:595\n mgmt_add_adv_patterns_monitor_sync+0x35/0x50 net/bluetooth/mgmt.c:5223\n hci_cmd_sync_work+0x210/0x3a0 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xade/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x711/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 home/kwqcheii/source/fuzzing/kernel/kasan/linux-6.16.4/arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nAllocated by task 12210:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4364\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n mgmt_pending_new+0x65/0x1e0 net/bluetooth/mgmt_util.c:269\n mgmt_pending_add+0x35/0x140 net/bluetooth/mgmt_util.c:296\n __add_adv_patterns_monitor+0x130/0x200 net/bluetooth/mgmt.c:5247\n add_adv_patterns_monitor+0x214/0x360 net/bluetooth/mgmt.c:5364\n hci_mgmt_cmd+0x9c9/0xef0 net/bluetooth/hci_sock.c:1719\n hci_sock_sendmsg+0x6ca/0xef0 net/bluetooth/hci_sock.c:1839\n sock_sendmsg_nosec net/socket.c:714 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:729\n sock_write_iter+0x258/0x330 net/socket.c:1133\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x5c9/0xb30 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 12221:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2381 [inline]\n slab_free mm/slub.c:4648 [inline]\n kfree+0x18e/0x440 mm/slub.c:4847\n mgmt_pending_free net/bluetooth/mgmt_util.c:311 [inline]\n mgmt_pending_foreach+0x30d/0x380 net/bluetooth/mgmt_util.c:257\n __mgmt_power_off+0x169/0x350 net/bluetooth/mgmt.c:9444\n hci_dev_close_sync+0x754/0x1330 net/bluetooth/hci_sync.c:5290\n hci_dev_do_close net/bluetooth/hci_core.c:501 [inline]\n hci_dev_close+0x108/0x200 net/bluetooth/hci_core.c:526\n sock_do_ioctl+0xd9/0x300 net/socket.c:1192\n sock_ioctl+0x576/0x790 net/socket.c:1313\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xf9/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39981",
"url": "https://www.suse.com/security/cve/CVE-2025-39981"
},
{
"category": "external",
"summary": "SUSE Bug 1252060 for CVE-2025-39981",
"url": "https://bugzilla.suse.com/1252060"
},
{
"category": "external",
"summary": "SUSE Bug 1252061 for CVE-2025-39981",
"url": "https://bugzilla.suse.com/1252061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2025-39981"
},
{
"cve": "CVE-2025-39982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Fix UAF in hci_acl_create_conn_sync\n\nThis fixes the following UFA in hci_acl_create_conn_sync where a\nconnection still pending is command submission (conn-\u003estate == BT_OPEN)\nmaybe freed, also since this also can happen with the likes of\nhci_le_create_conn_sync fix it as well:\n\nBUG: KASAN: slab-use-after-free in hci_acl_create_conn_sync+0x5ef/0x790 net/bluetooth/hci_sync.c:6861\nWrite of size 2 at addr ffff88805ffcc038 by task kworker/u11:2/9541\n\nCPU: 1 UID: 0 PID: 9541 Comm: kworker/u11:2 Not tainted 6.16.0-rc7 #3 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014\nWorkqueue: hci3 hci_cmd_sync_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x189/0x250 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x230 mm/kasan/report.c:480\n kasan_report+0x118/0x150 mm/kasan/report.c:593\n hci_acl_create_conn_sync+0x5ef/0x790 net/bluetooth/hci_sync.c:6861\n hci_cmd_sync_work+0x210/0x3a0 net/bluetooth/hci_sync.c:332\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x70e/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 home/kwqcheii/source/fuzzing/kernel/kasan/linux-6.16-rc7/arch/x86/entry/entry_64.S:245\n \u003c/TASK\u003e\n\nAllocated by task 123736:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0x93/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __kmalloc_cache_noprof+0x230/0x3d0 mm/slub.c:4359\n kmalloc_noprof include/linux/slab.h:905 [inline]\n kzalloc_noprof include/linux/slab.h:1039 [inline]\n __hci_conn_add+0x233/0x1b30 net/bluetooth/hci_conn.c:939\n hci_conn_add_unset net/bluetooth/hci_conn.c:1051 [inline]\n hci_connect_acl+0x16c/0x4e0 net/bluetooth/hci_conn.c:1634\n pair_device+0x418/0xa70 net/bluetooth/mgmt.c:3556\n hci_mgmt_cmd+0x9c9/0xef0 net/bluetooth/hci_sock.c:1719\n hci_sock_sendmsg+0x6ca/0xef0 net/bluetooth/hci_sock.c:1839\n sock_sendmsg_nosec net/socket.c:712 [inline]\n __sock_sendmsg+0x219/0x270 net/socket.c:727\n sock_write_iter+0x258/0x330 net/socket.c:1131\n new_sync_write fs/read_write.c:593 [inline]\n vfs_write+0x54b/0xa90 fs/read_write.c:686\n ksys_write+0x145/0x250 fs/read_write.c:738\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0x3b0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 103680:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3e/0x80 mm/kasan/common.c:68\n kasan_save_free_info+0x46/0x50 mm/kasan/generic.c:576\n poison_slab_object mm/kasan/common.c:247 [inline]\n __kasan_slab_free+0x62/0x70 mm/kasan/common.c:264\n kasan_slab_free include/linux/kasan.h:233 [inline]\n slab_free_hook mm/slub.c:2381 [inline]\n slab_free mm/slub.c:4643 [inline]\n kfree+0x18e/0x440 mm/slub.c:4842\n device_release+0x9c/0x1c0\n kobject_cleanup lib/kobject.c:689 [inline]\n kobject_release lib/kobject.c:720 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x22b/0x480 lib/kobject.c:737\n hci_conn_cleanup net/bluetooth/hci_conn.c:175 [inline]\n hci_conn_del+0x8ff/0xcb0 net/bluetooth/hci_conn.c:1173\n hci_conn_complete_evt+0x3c7/0x1040 net/bluetooth/hci_event.c:3199\n hci_event_func net/bluetooth/hci_event.c:7477 [inline]\n hci_event_packet+0x7e0/0x1200 net/bluetooth/hci_event.c:7531\n hci_rx_work+0x46a/0xe80 net/bluetooth/hci_core.c:4070\n process_one_work kernel/workqueue.c:3238 [inline]\n process_scheduled_works+0xae1/0x17b0 kernel/workqueue.c:3321\n worker_thread+0x8a0/0xda0 kernel/workqueue.c:3402\n kthread+0x70e/0x8a0 kernel/kthread.c:464\n ret_from_fork+0x3fc/0x770 arch/x86/kernel/process.c:148\n ret_from_fork_asm+0x1a/0x30 home/kwqcheii/sour\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39982",
"url": "https://www.suse.com/security/cve/CVE-2025-39982"
},
{
"category": "external",
"summary": "SUSE Bug 1252083 for CVE-2025-39982",
"url": "https://bugzilla.suse.com/1252083"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39982"
},
{
"cve": "CVE-2025-39985",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39985"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow\n\nSending an PF_PACKET allows to bypass the CAN framework logic and to\ndirectly reach the xmit() function of a CAN driver. The only check\nwhich is performed by the PF_PACKET framework is to make sure that\nskb-\u003elen fits the interface\u0027s MTU.\n\nUnfortunately, because the mcba_usb driver does not populate its\nnet_device_ops-\u003endo_change_mtu(), it is possible for an attacker to\nconfigure an invalid MTU by doing, for example:\n\n $ ip link set can0 mtu 9999\n\nAfter doing so, the attacker could open a PF_PACKET socket using the\nETH_P_CANXL protocol:\n\n\tsocket(PF_PACKET, SOCK_RAW, htons(ETH_P_CANXL))\n\nto inject a malicious CAN XL frames. For example:\n\n\tstruct canxl_frame frame = {\n\t\t.flags = 0xff,\n\t\t.len = 2048,\n\t};\n\nThe CAN drivers\u0027 xmit() function are calling can_dev_dropped_skb() to\ncheck that the skb is valid, unfortunately under above conditions, the\nmalicious packet is able to go through can_dev_dropped_skb() checks:\n\n 1. the skb-\u003eprotocol is set to ETH_P_CANXL which is valid (the\n function does not check the actual device capabilities).\n\n 2. the length is a valid CAN XL length.\n\nAnd so, mcba_usb_start_xmit() receives a CAN XL frame which it is not\nable to correctly handle and will thus misinterpret it as a CAN frame.\n\nThis can result in a buffer overflow. The driver will consume cf-\u003elen\nas-is with no further checks on these lines:\n\n\tusb_msg.dlc = cf-\u003elen;\n\n\tmemcpy(usb_msg.data, cf-\u003edata, usb_msg.dlc);\n\nHere, cf-\u003elen corresponds to the flags field of the CAN XL frame. In\nour previous example, we set canxl_frame-\u003eflags to 0xff. Because the\nmaximum expected length is 8, a buffer overflow of 247 bytes occurs!\n\nPopulate net_device_ops-\u003endo_change_mtu() to ensure that the\ninterface\u0027s MTU can not be set to anything bigger than CAN_MTU. By\nfixing the root cause, this prevents the buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39985",
"url": "https://www.suse.com/security/cve/CVE-2025-39985"
},
{
"category": "external",
"summary": "SUSE Bug 1252082 for CVE-2025-39985",
"url": "https://bugzilla.suse.com/1252082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39985"
},
{
"cve": "CVE-2025-39986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow\n\nSending an PF_PACKET allows to bypass the CAN framework logic and to\ndirectly reach the xmit() function of a CAN driver. The only check\nwhich is performed by the PF_PACKET framework is to make sure that\nskb-\u003elen fits the interface\u0027s MTU.\n\nUnfortunately, because the sun4i_can driver does not populate its\nnet_device_ops-\u003endo_change_mtu(), it is possible for an attacker to\nconfigure an invalid MTU by doing, for example:\n\n $ ip link set can0 mtu 9999\n\nAfter doing so, the attacker could open a PF_PACKET socket using the\nETH_P_CANXL protocol:\n\n\tsocket(PF_PACKET, SOCK_RAW, htons(ETH_P_CANXL))\n\nto inject a malicious CAN XL frames. For example:\n\n\tstruct canxl_frame frame = {\n\t\t.flags = 0xff,\n\t\t.len = 2048,\n\t};\n\nThe CAN drivers\u0027 xmit() function are calling can_dev_dropped_skb() to\ncheck that the skb is valid, unfortunately under above conditions, the\nmalicious packet is able to go through can_dev_dropped_skb() checks:\n\n 1. the skb-\u003eprotocol is set to ETH_P_CANXL which is valid (the\n function does not check the actual device capabilities).\n\n 2. the length is a valid CAN XL length.\n\nAnd so, sun4ican_start_xmit() receives a CAN XL frame which it is not\nable to correctly handle and will thus misinterpret it as a CAN frame.\n\nThis can result in a buffer overflow. The driver will consume cf-\u003elen\nas-is with no further checks on this line:\n\n\tdlc = cf-\u003elen;\n\nHere, cf-\u003elen corresponds to the flags field of the CAN XL frame. In\nour previous example, we set canxl_frame-\u003eflags to 0xff. Because the\nmaximum expected length is 8, a buffer overflow of 247 bytes occurs a\ncouple line below when doing:\n\n\tfor (i = 0; i \u003c dlc; i++)\n\t\twritel(cf-\u003edata[i], priv-\u003ebase + (dreg + i * 4));\n\nPopulate net_device_ops-\u003endo_change_mtu() to ensure that the\ninterface\u0027s MTU can not be set to anything bigger than CAN_MTU. By\nfixing the root cause, this prevents the buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39986",
"url": "https://www.suse.com/security/cve/CVE-2025-39986"
},
{
"category": "external",
"summary": "SUSE Bug 1252078 for CVE-2025-39986",
"url": "https://bugzilla.suse.com/1252078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39986"
},
{
"cve": "CVE-2025-39987",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39987"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: hi311x: populate ndo_change_mtu() to prevent buffer overflow\n\nSending an PF_PACKET allows to bypass the CAN framework logic and to\ndirectly reach the xmit() function of a CAN driver. The only check\nwhich is performed by the PF_PACKET framework is to make sure that\nskb-\u003elen fits the interface\u0027s MTU.\n\nUnfortunately, because the sun4i_can driver does not populate its\nnet_device_ops-\u003endo_change_mtu(), it is possible for an attacker to\nconfigure an invalid MTU by doing, for example:\n\n $ ip link set can0 mtu 9999\n\nAfter doing so, the attacker could open a PF_PACKET socket using the\nETH_P_CANXL protocol:\n\n\tsocket(PF_PACKET, SOCK_RAW, htons(ETH_P_CANXL))\n\nto inject a malicious CAN XL frames. For example:\n\n\tstruct canxl_frame frame = {\n\t\t.flags = 0xff,\n\t\t.len = 2048,\n\t};\n\nThe CAN drivers\u0027 xmit() function are calling can_dev_dropped_skb() to\ncheck that the skb is valid, unfortunately under above conditions, the\nmalicious packet is able to go through can_dev_dropped_skb() checks:\n\n 1. the skb-\u003eprotocol is set to ETH_P_CANXL which is valid (the\n function does not check the actual device capabilities).\n\n 2. the length is a valid CAN XL length.\n\nAnd so, hi3110_hard_start_xmit() receives a CAN XL frame which it is\nnot able to correctly handle and will thus misinterpret it as a CAN\nframe. The driver will consume frame-\u003elen as-is with no further\nchecks.\n\nThis can result in a buffer overflow later on in hi3110_hw_tx() on\nthis line:\n\n\tmemcpy(buf + HI3110_FIFO_EXT_DATA_OFF,\n\t frame-\u003edata, frame-\u003elen);\n\nHere, frame-\u003elen corresponds to the flags field of the CAN XL frame.\nIn our previous example, we set canxl_frame-\u003eflags to 0xff. Because\nthe maximum expected length is 8, a buffer overflow of 247 bytes\noccurs!\n\nPopulate net_device_ops-\u003endo_change_mtu() to ensure that the\ninterface\u0027s MTU can not be set to anything bigger than CAN_MTU. By\nfixing the root cause, this prevents the buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39987",
"url": "https://www.suse.com/security/cve/CVE-2025-39987"
},
{
"category": "external",
"summary": "SUSE Bug 1252079 for CVE-2025-39987",
"url": "https://bugzilla.suse.com/1252079"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39987"
},
{
"cve": "CVE-2025-39988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: etas_es58x: populate ndo_change_mtu() to prevent buffer overflow\n\nSending an PF_PACKET allows to bypass the CAN framework logic and to\ndirectly reach the xmit() function of a CAN driver. The only check\nwhich is performed by the PF_PACKET framework is to make sure that\nskb-\u003elen fits the interface\u0027s MTU.\n\nUnfortunately, because the etas_es58x driver does not populate its\nnet_device_ops-\u003endo_change_mtu(), it is possible for an attacker to\nconfigure an invalid MTU by doing, for example:\n\n $ ip link set can0 mtu 9999\n\nAfter doing so, the attacker could open a PF_PACKET socket using the\nETH_P_CANXL protocol:\n\n\tsocket(PF_PACKET, SOCK_RAW, htons(ETH_P_CANXL));\n\nto inject a malicious CAN XL frames. For example:\n\n\tstruct canxl_frame frame = {\n\t\t.flags = 0xff,\n\t\t.len = 2048,\n\t};\n\nThe CAN drivers\u0027 xmit() function are calling can_dev_dropped_skb() to\ncheck that the skb is valid, unfortunately under above conditions, the\nmalicious packet is able to go through can_dev_dropped_skb() checks:\n\n 1. the skb-\u003eprotocol is set to ETH_P_CANXL which is valid (the\n function does not check the actual device capabilities).\n\n 2. the length is a valid CAN XL length.\n\nAnd so, es58x_start_xmit() receives a CAN XL frame which it is not\nable to correctly handle and will thus misinterpret it as a CAN(FD)\nframe.\n\nThis can result in a buffer overflow. For example, using the es581.4\nvariant, the frame will be dispatched to es581_4_tx_can_msg(), go\nthrough the last check at the beginning of this function:\n\n\tif (can_is_canfd_skb(skb))\n\t\treturn -EMSGSIZE;\n\nand reach this line:\n\n\tmemcpy(tx_can_msg-\u003edata, cf-\u003edata, cf-\u003elen);\n\nHere, cf-\u003elen corresponds to the flags field of the CAN XL frame. In\nour previous example, we set canxl_frame-\u003eflags to 0xff. Because the\nmaximum expected length is 8, a buffer overflow of 247 bytes occurs!\n\nPopulate net_device_ops-\u003endo_change_mtu() to ensure that the\ninterface\u0027s MTU can not be set to anything bigger than CAN_MTU or\nCANFD_MTU (depending on the device capabilities). By fixing the root\ncause, this prevents the buffer overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39988",
"url": "https://www.suse.com/security/cve/CVE-2025-39988"
},
{
"category": "external",
"summary": "SUSE Bug 1252074 for CVE-2025-39988",
"url": "https://bugzilla.suse.com/1252074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39988"
},
{
"cve": "CVE-2025-39991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix NULL dereference in ath11k_qmi_m3_load()\n\nIf ab-\u003efw.m3_data points to data, then fw pointer remains null.\nFurther, if m3_mem is not allocated, then fw is dereferenced to be\npassed to ath11k_err function.\n\nReplace fw-\u003esize by m3_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39991",
"url": "https://www.suse.com/security/cve/CVE-2025-39991"
},
{
"category": "external",
"summary": "SUSE Bug 1252075 for CVE-2025-39991",
"url": "https://bugzilla.suse.com/1252075"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39991"
},
{
"cve": "CVE-2025-39993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rc: fix races with imon_disconnect()\n\nSyzbot reports a KASAN issue as below:\nBUG: KASAN: use-after-free in __create_pipe include/linux/usb.h:1945 [inline]\nBUG: KASAN: use-after-free in send_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nRead of size 4 at addr ffff8880256fb000 by task syz-executor314/4465\n\nCPU: 2 PID: 4465 Comm: syz-executor314 Not tainted 6.0.0-rc1-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-2 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:317 [inline]\nprint_report.cold+0x2ba/0x6e9 mm/kasan/report.c:433\nkasan_report+0xb1/0x1e0 mm/kasan/report.c:495\n__create_pipe include/linux/usb.h:1945 [inline]\nsend_packet+0xa2d/0xbc0 drivers/media/rc/imon.c:627\nvfd_write+0x2d9/0x550 drivers/media/rc/imon.c:991\nvfs_write+0x2d7/0xdd0 fs/read_write.c:576\nksys_write+0x127/0x250 fs/read_write.c:631\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nThe iMON driver improperly releases the usb_device reference in\nimon_disconnect without coordinating with active users of the\ndevice.\n\nSpecifically, the fields usbdev_intf0 and usbdev_intf1 are not\nprotected by the users counter (ictx-\u003eusers). During probe,\nimon_init_intf0 or imon_init_intf1 increments the usb_device\nreference count depending on the interface. However, during\ndisconnect, usb_put_dev is called unconditionally, regardless of\nactual usage.\n\nAs a result, if vfd_write or other operations are still in\nprogress after disconnect, this can lead to a use-after-free of\nthe usb_device pointer.\n\nThread 1 vfd_write Thread 2 imon_disconnect\n ...\n if\n usb_put_dev(ictx-\u003eusbdev_intf0)\n else\n usb_put_dev(ictx-\u003eusbdev_intf1)\n...\nwhile\n send_packet\n if\n pipe = usb_sndintpipe(\n ictx-\u003eusbdev_intf0) UAF\n else\n pipe = usb_sndctrlpipe(\n ictx-\u003eusbdev_intf0, 0) UAF\n\nGuard access to usbdev_intf0 and usbdev_intf1 after disconnect by\nchecking ictx-\u003edisconnected in all writer paths. Add early return\nwith -ENODEV in send_packet(), vfd_write(), lcd_write() and\ndisplay_open() if the device is no longer present.\n\nSet and read ictx-\u003edisconnected under ictx-\u003elock to ensure memory\nsynchronization. Acquire the lock in imon_disconnect() before setting\nthe flag to synchronize with any ongoing operations.\n\nEnsure writers exit early and safely after disconnect before the USB\ncore proceeds with cleanup.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39993",
"url": "https://www.suse.com/security/cve/CVE-2025-39993"
},
{
"category": "external",
"summary": "SUSE Bug 1252070 for CVE-2025-39993",
"url": "https://bugzilla.suse.com/1252070"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39993"
},
{
"cve": "CVE-2025-39994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tuner: xc5000: Fix use-after-free in xc5000_release\n\nThe original code uses cancel_delayed_work() in xc5000_release(), which\ndoes not guarantee that the delayed work item timer_sleep has fully\ncompleted if it was already running. This leads to use-after-free scenarios\nwhere xc5000_release() may free the xc5000_priv while timer_sleep is still\nactive and attempts to dereference the xc5000_priv.\n\nA typical race condition is illustrated below:\n\nCPU 0 (release thread) | CPU 1 (delayed work callback)\nxc5000_release() | xc5000_do_timer_sleep()\n cancel_delayed_work() |\n hybrid_tuner_release_state(priv) |\n kfree(priv) |\n | priv = container_of() // UAF\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the timer_sleep is properly canceled before the xc5000_priv memory\nis deallocated.\n\nA deadlock concern was considered: xc5000_release() is called in a process\ncontext and is not holding any locks that the timer_sleep work item might\nalso need. Therefore, the use of the _sync() variant is safe here.\n\nThis bug was initially identified through static analysis.\n\n[hverkuil: fix typo in Subject: tunner -\u003e tuner]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39994",
"url": "https://www.suse.com/security/cve/CVE-2025-39994"
},
{
"category": "external",
"summary": "SUSE Bug 1252072 for CVE-2025-39994",
"url": "https://bugzilla.suse.com/1252072"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39994"
},
{
"cve": "CVE-2025-39995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe\n\nThe state-\u003etimer is a cyclic timer that schedules work_i2c_poll and\ndelayed_work_enable_hotplug, while rearming itself. Using timer_delete()\nfails to guarantee the timer isn\u0027t still running when destroyed, similarly\ncancel_delayed_work() cannot ensure delayed_work_enable_hotplug has\nterminated if already executing. During probe failure after timer\ninitialization, these may continue running as orphans and reference the\nalready-freed tc358743_state object through tc358743_irq_poll_timer.\n\nThe following is the trace captured by KASAN.\n\nBUG: KASAN: slab-use-after-free in __run_timer_base.part.0+0x7d7/0x8c0\nWrite of size 8 at addr ffff88800ded83c8 by task swapper/1/0\n...\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x55/0x70\n print_report+0xcf/0x610\n ? __pfx_sched_balance_find_src_group+0x10/0x10\n ? __run_timer_base.part.0+0x7d7/0x8c0\n kasan_report+0xb8/0xf0\n ? __run_timer_base.part.0+0x7d7/0x8c0\n __run_timer_base.part.0+0x7d7/0x8c0\n ? rcu_sched_clock_irq+0xb06/0x27d0\n ? __pfx___run_timer_base.part.0+0x10/0x10\n ? try_to_wake_up+0xb15/0x1960\n ? tmigr_update_events+0x280/0x740\n ? _raw_spin_lock_irq+0x80/0xe0\n ? __pfx__raw_spin_lock_irq+0x10/0x10\n tmigr_handle_remote_up+0x603/0x7e0\n ? __pfx_tmigr_handle_remote_up+0x10/0x10\n ? sched_balance_trigger+0x98/0x9f0\n ? sched_tick+0x221/0x5a0\n ? _raw_spin_lock_irq+0x80/0xe0\n ? __pfx__raw_spin_lock_irq+0x10/0x10\n ? tick_nohz_handler+0x339/0x440\n ? __pfx_tmigr_handle_remote_up+0x10/0x10\n __walk_groups.isra.0+0x42/0x150\n tmigr_handle_remote+0x1f4/0x2e0\n ? __pfx_tmigr_handle_remote+0x10/0x10\n ? ktime_get+0x60/0x140\n ? lapic_next_event+0x11/0x20\n ? clockevents_program_event+0x1d4/0x2a0\n ? hrtimer_interrupt+0x322/0x780\n handle_softirqs+0x16a/0x550\n irq_exit_rcu+0xaf/0xe0\n sysvec_apic_timer_interrupt+0x70/0x80\n \u003c/IRQ\u003e\n...\n\nAllocated by task 141:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7f/0x90\n __kmalloc_node_track_caller_noprof+0x198/0x430\n devm_kmalloc+0x7b/0x1e0\n tc358743_probe+0xb7/0x610 i2c_device_probe+0x51d/0x880\n really_probe+0x1ca/0x5c0\n __driver_probe_device+0x248/0x310\n driver_probe_device+0x44/0x120\n __device_attach_driver+0x174/0x220\n bus_for_each_drv+0x100/0x190\n __device_attach+0x206/0x370\n bus_probe_device+0x123/0x170\n device_add+0xd25/0x1470\n i2c_new_client_device+0x7a0/0xcd0\n do_one_initcall+0x89/0x300\n do_init_module+0x29d/0x7f0\n load_module+0x4f48/0x69e0\n init_module_from_file+0xe4/0x150\n idempotent_init_module+0x320/0x670\n __x64_sys_finit_module+0xbd/0x120\n do_syscall_64+0xac/0x280\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 141:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3a/0x60\n __kasan_slab_free+0x3f/0x50\n kfree+0x137/0x370\n release_nodes+0xa4/0x100\n devres_release_group+0x1b2/0x380\n i2c_device_probe+0x694/0x880\n really_probe+0x1ca/0x5c0\n __driver_probe_device+0x248/0x310\n driver_probe_device+0x44/0x120\n __device_attach_driver+0x174/0x220\n bus_for_each_drv+0x100/0x190\n __device_attach+0x206/0x370\n bus_probe_device+0x123/0x170\n device_add+0xd25/0x1470\n i2c_new_client_device+0x7a0/0xcd0\n do_one_initcall+0x89/0x300\n do_init_module+0x29d/0x7f0\n load_module+0x4f48/0x69e0\n init_module_from_file+0xe4/0x150\n idempotent_init_module+0x320/0x670\n __x64_sys_finit_module+0xbd/0x120\n do_syscall_64+0xac/0x280\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n\nReplace timer_delete() with timer_delete_sync() and cancel_delayed_work()\nwith cancel_delayed_work_sync() to ensure proper termination of timer and\nwork items before resource cleanup.\n\nThis bug was initially identified through static analysis. For reproduction\nand testing, I created a functional emulation of the tc358743 device via a\nkernel module and introduced faults through the debugfs interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39995",
"url": "https://www.suse.com/security/cve/CVE-2025-39995"
},
{
"category": "external",
"summary": "SUSE Bug 1252064 for CVE-2025-39995",
"url": "https://bugzilla.suse.com/1252064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39995"
},
{
"cve": "CVE-2025-39996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: b2c2: Fix use-after-free causing by irq_check_work in flexcop_pci_remove\n\nThe original code uses cancel_delayed_work() in flexcop_pci_remove(), which\ndoes not guarantee that the delayed work item irq_check_work has fully\ncompleted if it was already running. This leads to use-after-free scenarios\nwhere flexcop_pci_remove() may free the flexcop_device while irq_check_work\nis still active and attempts to dereference the device.\n\nA typical race condition is illustrated below:\n\nCPU 0 (remove) | CPU 1 (delayed work callback)\nflexcop_pci_remove() | flexcop_pci_irq_check_work()\n cancel_delayed_work() |\n flexcop_device_kfree(fc_pci-\u003efc_dev) |\n | fc = fc_pci-\u003efc_dev; // UAF\n\nThis is confirmed by a KASAN report:\n\n==================================================================\nBUG: KASAN: slab-use-after-free in __run_timer_base.part.0+0x7d7/0x8c0\nWrite of size 8 at addr ffff8880093aa8c8 by task bash/135\n...\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x55/0x70\n print_report+0xcf/0x610\n ? __run_timer_base.part.0+0x7d7/0x8c0\n kasan_report+0xb8/0xf0\n ? __run_timer_base.part.0+0x7d7/0x8c0\n __run_timer_base.part.0+0x7d7/0x8c0\n ? __pfx___run_timer_base.part.0+0x10/0x10\n ? __pfx_read_tsc+0x10/0x10\n ? ktime_get+0x60/0x140\n ? lapic_next_event+0x11/0x20\n ? clockevents_program_event+0x1d4/0x2a0\n run_timer_softirq+0xd1/0x190\n handle_softirqs+0x16a/0x550\n irq_exit_rcu+0xaf/0xe0\n sysvec_apic_timer_interrupt+0x70/0x80\n \u003c/IRQ\u003e\n...\n\nAllocated by task 1:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7f/0x90\n __kmalloc_noprof+0x1be/0x460\n flexcop_device_kmalloc+0x54/0xe0\n flexcop_pci_probe+0x1f/0x9d0\n local_pci_probe+0xdc/0x190\n pci_device_probe+0x2fe/0x470\n really_probe+0x1ca/0x5c0\n __driver_probe_device+0x248/0x310\n driver_probe_device+0x44/0x120\n __driver_attach+0xd2/0x310\n bus_for_each_dev+0xed/0x170\n bus_add_driver+0x208/0x500\n driver_register+0x132/0x460\n do_one_initcall+0x89/0x300\n kernel_init_freeable+0x40d/0x720\n kernel_init+0x1a/0x150\n ret_from_fork+0x10c/0x1a0\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 135:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3a/0x60\n __kasan_slab_free+0x3f/0x50\n kfree+0x137/0x370\n flexcop_device_kfree+0x32/0x50\n pci_device_remove+0xa6/0x1d0\n device_release_driver_internal+0xf8/0x210\n pci_stop_bus_device+0x105/0x150\n pci_stop_and_remove_bus_device_locked+0x15/0x30\n remove_store+0xcc/0xe0\n kernfs_fop_write_iter+0x2c3/0x440\n vfs_write+0x871/0xd70\n ksys_write+0xee/0x1c0\n do_syscall_64+0xac/0x280\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n...\n\nReplace cancel_delayed_work() with cancel_delayed_work_sync() to ensure\nthat the delayed work item is properly canceled and any executing delayed\nwork has finished before the device memory is deallocated.\n\nThis bug was initially identified through static analysis. To reproduce\nand test it, I simulated the B2C2 FlexCop PCI device in QEMU and introduced\nartificial delays within the flexcop_pci_irq_check_work() function to\nincrease the likelihood of triggering the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39996",
"url": "https://www.suse.com/security/cve/CVE-2025-39996"
},
{
"category": "external",
"summary": "SUSE Bug 1252065 for CVE-2025-39996",
"url": "https://bugzilla.suse.com/1252065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39996"
},
{
"cve": "CVE-2025-39997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-39997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: fix race condition to UAF in snd_usbmidi_free\n\nThe previous commit 0718a78f6a9f (\"ALSA: usb-audio: Kill timer properly at\nremoval\") patched a UAF issue caused by the error timer.\n\nHowever, because the error timer kill added in this patch occurs after the\nendpoint delete, a race condition to UAF still occurs, albeit rarely.\n\nAdditionally, since kill-cleanup for urb is also missing, freed memory can\nbe accessed in interrupt context related to urb, which can cause UAF.\n\nTherefore, to prevent this, error timer and urb must be killed before\nfreeing the heap memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-39997",
"url": "https://www.suse.com/security/cve/CVE-2025-39997"
},
{
"category": "external",
"summary": "SUSE Bug 1252056 for CVE-2025-39997",
"url": "https://bugzilla.suse.com/1252056"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-39997"
},
{
"cve": "CVE-2025-40000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait()\n\nThere is a bug observed when rtw89_core_tx_kick_off_and_wait() tries to\naccess already freed skb_data:\n\n BUG: KFENCE: use-after-free write in rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110\n\n CPU: 6 UID: 0 PID: 41377 Comm: kworker/u64:24 Not tainted 6.17.0-rc1+ #1 PREEMPT(lazy)\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS edk2-20250523-14.fc42 05/23/2025\n Workqueue: events_unbound cfg80211_wiphy_work [cfg80211]\n\n Use-after-free write at 0x0000000020309d9d (in kfence-#251):\n rtw89_core_tx_kick_off_and_wait drivers/net/wireless/realtek/rtw89/core.c:1110\n rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338\n rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979\n rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165\n rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.h:141\n rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012\n rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059\n rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758\n process_one_work kernel/workqueue.c:3241\n worker_thread kernel/workqueue.c:3400\n kthread kernel/kthread.c:463\n ret_from_fork arch/x86/kernel/process.c:154\n ret_from_fork_asm arch/x86/entry/entry_64.S:258\n\n kfence-#251: 0x0000000056e2393d-0x000000009943cb62, size=232, cache=skbuff_head_cache\n\n allocated by task 41377 on cpu 6 at 77869.159548s (0.009551s ago):\n __alloc_skb net/core/skbuff.c:659\n __netdev_alloc_skb net/core/skbuff.c:734\n ieee80211_nullfunc_get net/mac80211/tx.c:5844\n rtw89_core_send_nullfunc drivers/net/wireless/realtek/rtw89/core.c:3431\n rtw89_core_scan_complete drivers/net/wireless/realtek/rtw89/core.c:5338\n rtw89_hw_scan_complete_cb drivers/net/wireless/realtek/rtw89/fw.c:7979\n rtw89_chanctx_proceed_cb drivers/net/wireless/realtek/rtw89/chan.c:3165\n rtw89_chanctx_proceed drivers/net/wireless/realtek/rtw89/chan.c:3194\n rtw89_hw_scan_complete drivers/net/wireless/realtek/rtw89/fw.c:8012\n rtw89_mac_c2h_scanofld_rsp drivers/net/wireless/realtek/rtw89/mac.c:5059\n rtw89_fw_c2h_work drivers/net/wireless/realtek/rtw89/fw.c:6758\n process_one_work kernel/workqueue.c:3241\n worker_thread kernel/workqueue.c:3400\n kthread kernel/kthread.c:463\n ret_from_fork arch/x86/kernel/process.c:154\n ret_from_fork_asm arch/x86/entry/entry_64.S:258\n\n freed by task 1045 on cpu 9 at 77869.168393s (0.001557s ago):\n ieee80211_tx_status_skb net/mac80211/status.c:1117\n rtw89_pci_release_txwd_skb drivers/net/wireless/realtek/rtw89/pci.c:564\n rtw89_pci_release_tx_skbs.isra.0 drivers/net/wireless/realtek/rtw89/pci.c:651\n rtw89_pci_release_tx drivers/net/wireless/realtek/rtw89/pci.c:676\n rtw89_pci_napi_poll drivers/net/wireless/realtek/rtw89/pci.c:4238\n __napi_poll net/core/dev.c:7495\n net_rx_action net/core/dev.c:7557 net/core/dev.c:7684\n handle_softirqs kernel/softirq.c:580\n do_softirq.part.0 kernel/softirq.c:480\n __local_bh_enable_ip kernel/softirq.c:407\n rtw89_pci_interrupt_threadfn drivers/net/wireless/realtek/rtw89/pci.c:927\n irq_thread_fn kernel/irq/manage.c:1133\n irq_thread kernel/irq/manage.c:1257\n kthread kernel/kthread.c:463\n ret_from_fork arch/x86/kernel/process.c:154\n ret_from_fork_asm arch/x86/entry/entry_64.S:258\n\nIt is a consequence of a race between the waiting and the signaling side\nof the completion:\n\n Waiting thread Completing thread\n\nrtw89_core_tx_kick_off_and_wait()\n rcu_assign_pointer(skb_data-\u003ewait, wait)\n /* start waiting */\n wait_for_completion_timeout()\n rtw89_pci_tx_status()\n rtw89_core_tx_wait_complete()\n rcu_read_lock()\n /* signals completion and\n \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40000",
"url": "https://www.suse.com/security/cve/CVE-2025-40000"
},
{
"category": "external",
"summary": "SUSE Bug 1252062 for CVE-2025-40000",
"url": "https://bugzilla.suse.com/1252062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40000"
},
{
"cve": "CVE-2025-40005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: cadence-quadspi: Implement refcount to handle unbind during busy\n\ndriver support indirect read and indirect write operation with\nassumption no force device removal(unbind) operation. However\nforce device removal(removal) is still available to root superuser.\n\nUnbinding driver during operation causes kernel crash. This changes\nensure driver able to handle such operation for indirect read and\nindirect write by implementing refcount to track attached devices\nto the controller and gracefully wait and until attached devices\nremove operation completed before proceed with removal operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40005",
"url": "https://www.suse.com/security/cve/CVE-2025-40005"
},
{
"category": "external",
"summary": "SUSE Bug 1252349 for CVE-2025-40005",
"url": "https://bugzilla.suse.com/1252349"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40005"
},
{
"cve": "CVE-2025-40010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Fix potential null pointer dereference in afs_put_server\n\nafs_put_server() accessed server-\u003edebug_id before the NULL check, which\ncould lead to a null pointer dereference. Move the debug_id assignment,\nensuring we never dereference a NULL server pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40010",
"url": "https://www.suse.com/security/cve/CVE-2025-40010"
},
{
"category": "external",
"summary": "SUSE Bug 1252332 for CVE-2025-40010",
"url": "https://bugzilla.suse.com/1252332"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40010"
},
{
"cve": "CVE-2025-40011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gma500: Fix null dereference in hdmi teardown\n\npci_set_drvdata sets the value of pdev-\u003edriver_data to NULL,\nafter which the driver_data obtained from the same dev is\ndereferenced in oaktrail_hdmi_i2c_exit, and the i2c_dev is\nextracted from it. To prevent this, swap these calls.\n\nFound by Linux Verification Center (linuxtesting.org) with Svacer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40011",
"url": "https://www.suse.com/security/cve/CVE-2025-40011"
},
{
"category": "external",
"summary": "SUSE Bug 1252336 for CVE-2025-40011",
"url": "https://bugzilla.suse.com/1252336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40011"
},
{
"cve": "CVE-2025-40013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: qcom: audioreach: fix potential null pointer dereference\n\nIt is possible that the topology parsing function\naudioreach_widget_load_module_common() could return NULL or an error\npointer. Add missing NULL check so that we do not dereference it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40013",
"url": "https://www.suse.com/security/cve/CVE-2025-40013"
},
{
"category": "external",
"summary": "SUSE Bug 1252348 for CVE-2025-40013",
"url": "https://bugzilla.suse.com/1252348"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40013"
},
{
"cve": "CVE-2025-40016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID\n\nPer UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero\nunique ID.\n\n```\nEach Unit and Terminal within the video function is assigned a unique\nidentification number, the Unit ID (UID) or Terminal ID (TID), contained in\nthe bUnitID or bTerminalID field of the descriptor. The value 0x00 is\nreserved for undefined ID,\n```\n\nIf we add a new entity with id 0 or a duplicated ID, it will be marked\nas UVC_INVALID_ENTITY_ID.\n\nIn a previous attempt commit 3dd075fe8ebb (\"media: uvcvideo: Require\nentities to have a non-zero unique ID\"), we ignored all the invalid units,\nthis broke a lot of non-compatible cameras. Hopefully we are more lucky\nthis time.\n\nThis also prevents some syzkaller reproducers from triggering warnings due\nto a chain of entities referring to themselves. In one particular case, an\nOutput Unit is connected to an Input Unit, both with the same ID of 1. But\nwhen looking up for the source ID of the Output Unit, that same entity is\nfound instead of the input entity, which leads to such warnings.\n\nIn another case, a backward chain was considered finished as the source ID\nwas 0. Later on, that entity was found, but its pads were not valid.\n\nHere is a sample stack trace for one of those cases.\n\n[ 20.650953] usb 1-1: new high-speed USB device number 2 using dummy_hcd\n[ 20.830206] usb 1-1: Using ep0 maxpacket: 8\n[ 20.833501] usb 1-1: config 0 descriptor??\n[ 21.038518] usb 1-1: string descriptor 0 read error: -71\n[ 21.038893] usb 1-1: Found UVC 0.00 device \u003cunnamed\u003e (2833:0201)\n[ 21.039299] uvcvideo 1-1:0.0: Entity type for entity Output 1 was not initialized!\n[ 21.041583] uvcvideo 1-1:0.0: Entity type for entity Input 1 was not initialized!\n[ 21.042218] ------------[ cut here ]------------\n[ 21.042536] WARNING: CPU: 0 PID: 9 at drivers/media/mc/mc-entity.c:1147 media_create_pad_link+0x2c4/0x2e0\n[ 21.043195] Modules linked in:\n[ 21.043535] CPU: 0 UID: 0 PID: 9 Comm: kworker/0:1 Not tainted 6.11.0-rc7-00030-g3480e43aeccf #444\n[ 21.044101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 21.044639] Workqueue: usb_hub_wq hub_event\n[ 21.045100] RIP: 0010:media_create_pad_link+0x2c4/0x2e0\n[ 21.045508] Code: fe e8 20 01 00 00 b8 f4 ff ff ff 48 83 c4 30 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 0f 0b eb e9 0f 0b eb 0a 0f 0b eb 06 \u003c0f\u003e 0b eb 02 0f 0b b8 ea ff ff ff eb d4 66 2e 0f 1f 84 00 00 00 00\n[ 21.046801] RSP: 0018:ffffc9000004b318 EFLAGS: 00010246\n[ 21.047227] RAX: ffff888004e5d458 RBX: 0000000000000000 RCX: ffffffff818fccf1\n[ 21.047719] RDX: 000000000000007b RSI: 0000000000000000 RDI: ffff888004313290\n[ 21.048241] RBP: ffff888004313290 R08: 0001ffffffffffff R09: 0000000000000000\n[ 21.048701] R10: 0000000000000013 R11: 0001888004313290 R12: 0000000000000003\n[ 21.049138] R13: ffff888004313080 R14: ffff888004313080 R15: 0000000000000000\n[ 21.049648] FS: 0000000000000000(0000) GS:ffff88803ec00000(0000) knlGS:0000000000000000\n[ 21.050271] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 21.050688] CR2: 0000592cc27635b0 CR3: 000000000431c000 CR4: 0000000000750ef0\n[ 21.051136] PKRU: 55555554\n[ 21.051331] Call Trace:\n[ 21.051480] \u003cTASK\u003e\n[ 21.051611] ? __warn+0xc4/0x210\n[ 21.051861] ? media_create_pad_link+0x2c4/0x2e0\n[ 21.052252] ? report_bug+0x11b/0x1a0\n[ 21.052540] ? trace_hardirqs_on+0x31/0x40\n[ 21.052901] ? handle_bug+0x3d/0x70\n[ 21.053197] ? exc_invalid_op+0x1a/0x50\n[ 21.053511] ? asm_exc_invalid_op+0x1a/0x20\n[ 21.053924] ? media_create_pad_link+0x91/0x2e0\n[ 21.054364] ? media_create_pad_link+0x2c4/0x2e0\n[ 21.054834] ? media_create_pad_link+0x91/0x2e0\n[ 21.055131] ? _raw_spin_unlock+0x1e/0x40\n[ 21.055441] ? __v4l2_device_register_subdev+0x202/0x210\n[ 21.055837] uvc_mc_register_entities+0x358/0x400\n[ 21.056144] uvc_register_chains+0x1\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40016",
"url": "https://www.suse.com/security/cve/CVE-2025-40016"
},
{
"category": "external",
"summary": "SUSE Bug 1252346 for CVE-2025-40016",
"url": "https://bugzilla.suse.com/1252346"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "low"
}
],
"title": "CVE-2025-40016"
},
{
"cve": "CVE-2025-40018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvs: Defer ip_vs_ftp unregister during netns cleanup\n\nOn the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp\nbefore connections with valid cp-\u003eapp pointers are flushed, leading to a\nuse-after-free.\n\nFix this by introducing a global `exiting_module` flag, set to true in\nip_vs_ftp_exit() before unregistering the pernet subsystem. In\n__ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns\ncleanup (when exiting_module is false) and defer it to\n__ip_vs_cleanup_batch(), which unregisters all apps after all connections\nare flushed. If called during module exit, unregister ip_vs_ftp\nimmediately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40018",
"url": "https://www.suse.com/security/cve/CVE-2025-40018"
},
{
"category": "external",
"summary": "SUSE Bug 1247374 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1247374"
},
{
"category": "external",
"summary": "SUSE Bug 1252688 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1252688"
},
{
"category": "external",
"summary": "SUSE Bug 1252689 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1252689"
},
{
"category": "external",
"summary": "SUSE Bug 1253291 for CVE-2025-40018",
"url": "https://bugzilla.suse.com/1253291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2025-40018"
},
{
"cve": "CVE-2025-40019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: essiv - Check ssize for decryption and in-place encryption\n\nMove the ssize check to the start in essiv_aead_crypt so that\nit\u0027s also checked for decryption and in-place encryption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40019",
"url": "https://www.suse.com/security/cve/CVE-2025-40019"
},
{
"category": "external",
"summary": "SUSE Bug 1252678 for CVE-2025-40019",
"url": "https://bugzilla.suse.com/1252678"
},
{
"category": "external",
"summary": "SUSE Bug 1252719 for CVE-2025-40019",
"url": "https://bugzilla.suse.com/1252719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "important"
}
],
"title": "CVE-2025-40019"
},
{
"cve": "CVE-2025-40020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: peak_usb: fix shift-out-of-bounds issue\n\nExplicitly uses a 64-bit constant when the number of bits used for its\nshifting is 32 (which is the case for PC CAN FD interfaces supported by\nthis driver).\n\n[mkl: update subject, apply manually]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40020",
"url": "https://www.suse.com/security/cve/CVE-2025-40020"
},
{
"category": "external",
"summary": "SUSE Bug 1252679 for CVE-2025-40020",
"url": "https://bugzilla.suse.com/1252679"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40020"
},
{
"cve": "CVE-2025-40029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbus: fsl-mc: Check return value of platform_get_resource()\n\nplatform_get_resource() returns NULL in case of failure, so check its\nreturn value and propagate the error in order to prevent NULL pointer\ndereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40029",
"url": "https://www.suse.com/security/cve/CVE-2025-40029"
},
{
"category": "external",
"summary": "SUSE Bug 1252772 for CVE-2025-40029",
"url": "https://bugzilla.suse.com/1252772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40029"
},
{
"cve": "CVE-2025-40032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40032"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: endpoint: pci-epf-test: Add NULL check for DMA channels before release\n\nThe fields dma_chan_tx and dma_chan_rx of the struct pci_epf_test can be\nNULL even after EPF initialization. Then it is prudent to check that\nthey have non-NULL values before releasing the channels. Add the checks\nin pci_epf_test_clean_dma_chan().\n\nWithout the checks, NULL pointer dereferences happen and they can lead\nto a kernel panic in some cases:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000050\n Call trace:\n dma_release_channel+0x2c/0x120 (P)\n pci_epf_test_epc_deinit+0x94/0xc0 [pci_epf_test]\n pci_epc_deinit_notify+0x74/0xc0\n tegra_pcie_ep_pex_rst_irq+0x250/0x5d8\n irq_thread_fn+0x34/0xb8\n irq_thread+0x18c/0x2e8\n kthread+0x14c/0x210\n ret_from_fork+0x10/0x20\n\n[mani: trimmed the stack trace]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40032",
"url": "https://www.suse.com/security/cve/CVE-2025-40032"
},
{
"category": "external",
"summary": "SUSE Bug 1252841 for CVE-2025-40032",
"url": "https://bugzilla.suse.com/1252841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40032"
},
{
"cve": "CVE-2025-40035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: uinput - zero-initialize uinput_ff_upload_compat to avoid info leak\n\nStruct ff_effect_compat is embedded twice inside\nuinput_ff_upload_compat, contains internal padding. In particular, there\nis a hole after struct ff_replay to satisfy alignment requirements for\nthe following union member. Without clearing the structure,\ncopy_to_user() may leak stack data to userspace.\n\nInitialize ff_up_compat to zero before filling valid fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40035",
"url": "https://www.suse.com/security/cve/CVE-2025-40035"
},
{
"category": "external",
"summary": "SUSE Bug 1252866 for CVE-2025-40035",
"url": "https://bugzilla.suse.com/1252866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40035"
},
{
"cve": "CVE-2025-40036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: fastrpc: fix possible map leak in fastrpc_put_args\n\ncopy_to_user() failure would cause an early return without cleaning up\nthe fdlist, which has been updated by the DSP. This could lead to map\nleak. Fix this by redirecting to a cleanup path on failure, ensuring\nthat all mapped buffers are properly released before returning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40036",
"url": "https://www.suse.com/security/cve/CVE-2025-40036"
},
{
"category": "external",
"summary": "SUSE Bug 1252865 for CVE-2025-40036",
"url": "https://bugzilla.suse.com/1252865"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40036"
},
{
"cve": "CVE-2025-40043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: nfc: nci: Add parameter validation for packet data\n\nSyzbot reported an uninitialized value bug in nci_init_req, which was\nintroduced by commit 5aca7966d2a7 (\"Merge tag\n\u0027perf-tools-fixes-for-v6.17-2025-09-16\u0027 of\ngit://git.kernel.org/pub/scm/linux/kernel/git/perf/perf-tools\").\n\nThis bug arises due to very limited and poor input validation\nthat was done at nic_valid_size(). This validation only\nvalidates the skb-\u003elen (directly reflects size provided at the\nuserspace interface) with the length provided in the buffer\nitself (interpreted as NCI_HEADER). This leads to the processing\nof memory content at the address assuming the correct layout\nper what opcode requires there. This leads to the accesses to\nbuffer of `skb_buff-\u003edata` which is not assigned anything yet.\n\nFollowing the same silent drop of packets of invalid sizes at\n`nic_valid_size()`, add validation of the data in the respective\nhandlers and return error values in case of failure. Release\nthe skb if error values are returned from handlers in\n`nci_nft_packet` and effectively do a silent drop\n\nPossible TODO: because we silently drop the packets, the\ncall to `nci_request` will be waiting for completion of request\nand will face timeouts. These timeouts can get excessively logged\nin the dmesg. A proper handling of them may require to export\n`nci_request_cancel` (or propagate error handling from the\nnft packets handlers).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40043",
"url": "https://www.suse.com/security/cve/CVE-2025-40043"
},
{
"category": "external",
"summary": "SUSE Bug 1252787 for CVE-2025-40043",
"url": "https://bugzilla.suse.com/1252787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40043"
},
{
"cve": "CVE-2025-40044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: udf: fix OOB read in lengthAllocDescs handling\n\nWhen parsing Allocation Extent Descriptor, lengthAllocDescs comes from\non-disk data and must be validated against the block size. Crafted or\ncorrupted images may set lengthAllocDescs so that the total descriptor\nlength (sizeof(allocExtDesc) + lengthAllocDescs) exceeds the buffer,\nleading udf_update_tag() to call crc_itu_t() on out-of-bounds memory and\ntrigger a KASAN use-after-free read.\n\nBUG: KASAN: use-after-free in crc_itu_t+0x1d5/0x2b0 lib/crc-itu-t.c:60\nRead of size 1 at addr ffff888041e7d000 by task syz-executor317/5309\n\nCPU: 0 UID: 0 PID: 5309 Comm: syz-executor317 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n crc_itu_t+0x1d5/0x2b0 lib/crc-itu-t.c:60\n udf_update_tag+0x70/0x6a0 fs/udf/misc.c:261\n udf_write_aext+0x4d8/0x7b0 fs/udf/inode.c:2179\n extent_trunc+0x2f7/0x4a0 fs/udf/truncate.c:46\n udf_truncate_tail_extent+0x527/0x7e0 fs/udf/truncate.c:106\n udf_release_file+0xc1/0x120 fs/udf/file.c:185\n __fput+0x23f/0x880 fs/file_table.c:431\n task_work_run+0x24f/0x310 kernel/task_work.c:239\n exit_task_work include/linux/task_work.h:43 [inline]\n do_exit+0xa2f/0x28e0 kernel/exit.c:939\n do_group_exit+0x207/0x2c0 kernel/exit.c:1088\n __do_sys_exit_group kernel/exit.c:1099 [inline]\n __se_sys_exit_group kernel/exit.c:1097 [inline]\n __x64_sys_exit_group+0x3f/0x40 kernel/exit.c:1097\n x64_sys_call+0x2634/0x2640 arch/x86/include/generated/asm/syscalls_64.h:232\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \u003c/TASK\u003e\n\nValidate the computed total length against epos-\u003ebh-\u003eb_size.\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40044",
"url": "https://www.suse.com/security/cve/CVE-2025-40044"
},
{
"category": "external",
"summary": "SUSE Bug 1252785 for CVE-2025-40044",
"url": "https://bugzilla.suse.com/1252785"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40044"
},
{
"cve": "CVE-2025-40049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: fix uninit-value in squashfs_get_parent\n\nSyzkaller reports a \"KMSAN: uninit-value in squashfs_get_parent\" bug.\n\nThis is caused by open_by_handle_at() being called with a file handle\ncontaining an invalid parent inode number. In particular the inode number\nis that of a symbolic link, rather than a directory.\n\nSquashfs_get_parent() gets called with that symbolic link inode, and\naccesses the parent member field.\n\n\tunsigned int parent_ino = squashfs_i(inode)-\u003eparent;\n\nBecause non-directory inodes in Squashfs do not have a parent value, this\nis uninitialised, and this causes an uninitialised value access.\n\nThe fix is to initialise parent with the invalid inode 0, which will cause\nan EINVAL error to be returned.\n\nRegular inodes used to share the parent field with the block_list_start\nfield. This is removed in this commit to enable the parent field to\ncontain the invalid inode number 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40049",
"url": "https://www.suse.com/security/cve/CVE-2025-40049"
},
{
"category": "external",
"summary": "SUSE Bug 1252822 for CVE-2025-40049",
"url": "https://bugzilla.suse.com/1252822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40049"
},
{
"cve": "CVE-2025-40051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost: vringh: Modify the return value check\n\nThe return value of copy_from_iter and copy_to_iter can\u0027t be negative,\ncheck whether the copied lengths are equal.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40051",
"url": "https://www.suse.com/security/cve/CVE-2025-40051"
},
{
"category": "external",
"summary": "SUSE Bug 1252858 for CVE-2025-40051",
"url": "https://bugzilla.suse.com/1252858"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40051"
},
{
"cve": "CVE-2025-40052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix crypto buffers in non-linear memory\n\nThe crypto API, through the scatterlist API, expects input buffers to be\nin linear memory. We handle this with the cifs_sg_set_buf() helper\nthat converts vmalloc\u0027d memory to their corresponding pages.\n\nHowever, when we allocate our aead_request buffer (@creq in\nsmb2ops.c::crypt_message()), we do so with kvzalloc(), which possibly\nputs aead_request-\u003e__ctx in vmalloc area.\n\nAEAD algorithm then uses -\u003e__ctx for its private/internal data and\noperations, and uses sg_set_buf() for such data on a few places.\n\nThis works fine as long as @creq falls into kmalloc zone (small\nrequests) or vmalloc\u0027d memory is still within linear range.\n\nTasks\u0027 stacks are vmalloc\u0027d by default (CONFIG_VMAP_STACK=y), so too\nmany tasks will increment the base stacks\u0027 addresses to a point where\nvirt_addr_valid(buf) will fail (BUG() in sg_set_buf()) when that\nhappens.\n\nIn practice: too many parallel reads and writes on an encrypted mount\nwill trigger this bug.\n\nTo fix this, always alloc @creq with kmalloc() instead.\nAlso drop the @sensitive_size variable/arguments since\nkfree_sensitive() doesn\u0027t need it.\n\nBacktrace:\n\n[ 945.272081] ------------[ cut here ]------------\n[ 945.272774] kernel BUG at include/linux/scatterlist.h:209!\n[ 945.273520] Oops: invalid opcode: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 945.274412] CPU: 7 UID: 0 PID: 56 Comm: kworker/u33:0 Kdump: loaded Not tainted 6.15.0-lku-11779-g8e9d6efccdd7-dirty #1 PREEMPT(voluntary)\n[ 945.275736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-2-gc13ff2cd-prebuilt.qemu.org 04/01/2014\n[ 945.276877] Workqueue: writeback wb_workfn (flush-cifs-2)\n[ 945.277457] RIP: 0010:crypto_gcm_init_common+0x1f9/0x220\n[ 945.278018] Code: b0 00 00 00 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f c3 cc cc cc cc 48 c7 c0 00 00 00 80 48 2b 05 5c 58 e5 00 e9 58 ff ff ff \u003c0f\u003e 0b 0f 0b 0f 0b 0f 0b 0f 0b 0f 0b 48 c7 04 24 01 00 00 00 48 8b\n[ 945.279992] RSP: 0018:ffffc90000a27360 EFLAGS: 00010246\n[ 945.280578] RAX: 0000000000000000 RBX: ffffc90001d85060 RCX: 0000000000000030\n[ 945.281376] RDX: 0000000000080000 RSI: 0000000000000000 RDI: ffffc90081d85070\n[ 945.282145] RBP: ffffc90001d85010 R08: ffffc90001d85000 R09: 0000000000000000\n[ 945.282898] R10: ffffc90001d85090 R11: 0000000000001000 R12: ffffc90001d85070\n[ 945.283656] R13: ffff888113522948 R14: ffffc90001d85060 R15: ffffc90001d85010\n[ 945.284407] FS: 0000000000000000(0000) GS:ffff8882e66cf000(0000) knlGS:0000000000000000\n[ 945.285262] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 945.285884] CR2: 00007fa7ffdd31f4 CR3: 000000010540d000 CR4: 0000000000350ef0\n[ 945.286683] Call Trace:\n[ 945.286952] \u003cTASK\u003e\n[ 945.287184] ? crypt_message+0x33f/0xad0 [cifs]\n[ 945.287719] crypto_gcm_encrypt+0x36/0xe0\n[ 945.288152] crypt_message+0x54a/0xad0 [cifs]\n[ 945.288724] smb3_init_transform_rq+0x277/0x300 [cifs]\n[ 945.289300] smb_send_rqst+0xa3/0x160 [cifs]\n[ 945.289944] cifs_call_async+0x178/0x340 [cifs]\n[ 945.290514] ? __pfx_smb2_writev_callback+0x10/0x10 [cifs]\n[ 945.291177] smb2_async_writev+0x3e3/0x670 [cifs]\n[ 945.291759] ? find_held_lock+0x32/0x90\n[ 945.292212] ? netfs_advance_write+0xf2/0x310\n[ 945.292723] netfs_advance_write+0xf2/0x310\n[ 945.293210] netfs_write_folio+0x346/0xcc0\n[ 945.293689] ? __pfx__raw_spin_unlock_irq+0x10/0x10\n[ 945.294250] netfs_writepages+0x117/0x460\n[ 945.294724] do_writepages+0xbe/0x170\n[ 945.295152] ? find_held_lock+0x32/0x90\n[ 945.295600] ? kvm_sched_clock_read+0x11/0x20\n[ 945.296103] __writeback_single_inode+0x56/0x4b0\n[ 945.296643] writeback_sb_inodes+0x229/0x550\n[ 945.297140] __writeback_inodes_wb+0x4c/0xe0\n[ 945.297642] wb_writeback+0x2f1/0x3f0\n[ 945.298069] wb_workfn+0x300/0x490\n[ 945.298472] process_one_work+0x1fe/0x590\n[ 945.298949] worker_thread+0x1ce/0x3c0\n[ 945.299397] ? __pfx_worker_thread+0x10/0x10\n[ 945.299900] kthr\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40052",
"url": "https://www.suse.com/security/cve/CVE-2025-40052"
},
{
"category": "external",
"summary": "SUSE Bug 1252851 for CVE-2025-40052",
"url": "https://bugzilla.suse.com/1252851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40052"
},
{
"cve": "CVE-2025-40056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost: vringh: Fix copy_to_iter return value check\n\nThe return value of copy_to_iter can\u0027t be negative, check whether the\ncopied length is equal to the requested length instead of checking for\nnegative values.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40056",
"url": "https://www.suse.com/security/cve/CVE-2025-40056"
},
{
"category": "external",
"summary": "SUSE Bug 1252826 for CVE-2025-40056",
"url": "https://bugzilla.suse.com/1252826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40056"
},
{
"cve": "CVE-2025-40058",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40058"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Disallow dirty tracking if incoherent page walk\n\nDirty page tracking relies on the IOMMU atomically updating the dirty bit\nin the paging-structure entry. For this operation to succeed, the paging-\nstructure memory must be coherent between the IOMMU and the CPU. In\nanother word, if the iommu page walk is incoherent, dirty page tracking\ndoesn\u0027t work.\n\nThe Intel VT-d specification, Section 3.10 \"Snoop Behavior\" states:\n\n\"Remapping hardware encountering the need to atomically update A/EA/D bits\n in a paging-structure entry that is not snooped will result in a non-\n recoverable fault.\"\n\nTo prevent an IOMMU from being incorrectly configured for dirty page\ntracking when it is operating in an incoherent mode, mark SSADS as\nsupported only when both ecap_slads and ecap_smpwc are supported.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40058",
"url": "https://www.suse.com/security/cve/CVE-2025-40058"
},
{
"category": "external",
"summary": "SUSE Bug 1252854 for CVE-2025-40058",
"url": "https://bugzilla.suse.com/1252854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40058"
},
{
"cve": "CVE-2025-40060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncoresight: trbe: Return NULL pointer for allocation failures\n\nWhen the TRBE driver fails to allocate a buffer, it currently returns\nthe error code \"-ENOMEM\". However, the caller etm_setup_aux() only\nchecks for a NULL pointer, so it misses the error. As a result, the\ndriver continues and eventually causes a kernel panic.\n\nFix this by returning a NULL pointer from arm_trbe_alloc_buffer() on\nallocation failures. This allows that the callers can properly handle\nthe failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40060",
"url": "https://www.suse.com/security/cve/CVE-2025-40060"
},
{
"category": "external",
"summary": "SUSE Bug 1252848 for CVE-2025-40060",
"url": "https://bugzilla.suse.com/1252848"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40060"
},
{
"cve": "CVE-2025-40061",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40061"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix race in do_task() when draining\n\nWhen do_task() exhausts its iteration budget (!ret), it sets the state\nto TASK_STATE_IDLE to reschedule, without a secondary check on the\ncurrent task-\u003estate. This can overwrite the TASK_STATE_DRAINING state\nset by a concurrent call to rxe_cleanup_task() or rxe_disable_task().\n\nWhile state changes are protected by a spinlock, both rxe_cleanup_task()\nand rxe_disable_task() release the lock while waiting for the task to\nfinish draining in the while(!is_done(task)) loop. The race occurs if\ndo_task() hits its iteration limit and acquires the lock in this window.\nThe cleanup logic may then proceed while the task incorrectly\nreschedules itself, leading to a potential use-after-free.\n\nThis bug was introduced during the migration from tasklets to workqueues,\nwhere the special handling for the draining case was lost.\n\nFix this by restoring the original pre-migration behavior. If the state is\nTASK_STATE_DRAINING when iterations are exhausted, set cont to 1 to\nforce a new loop iteration. This allows the task to finish its work, so\nthat a subsequent iteration can reach the switch statement and correctly\ntransition the state to TASK_STATE_DRAINED, stopping the task as intended.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40061",
"url": "https://www.suse.com/security/cve/CVE-2025-40061"
},
{
"category": "external",
"summary": "SUSE Bug 1252849 for CVE-2025-40061",
"url": "https://bugzilla.suse.com/1252849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40061"
},
{
"cve": "CVE-2025-40062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - set NULL to qm-\u003edebug.qm_diff_regs\n\nWhen the initialization of qm-\u003edebug.acc_diff_reg fails,\nthe probe process does not exit. However, after qm-\u003edebug.qm_diff_regs is\nfreed, it is not set to NULL. This can lead to a double free when the\nremove process attempts to free it again. Therefore, qm-\u003edebug.qm_diff_regs\nshould be set to NULL after it is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40062",
"url": "https://www.suse.com/security/cve/CVE-2025-40062"
},
{
"category": "external",
"summary": "SUSE Bug 1252850 for CVE-2025-40062",
"url": "https://bugzilla.suse.com/1252850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40062"
},
{
"cve": "CVE-2025-40071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: Don\u0027t block input queue by waiting MSC\n\nCurrently gsm_queue() processes incoming frames and when opening\na DLC channel it calls gsm_dlci_open() which calls gsm_modem_update().\nIf basic mode is used it calls gsm_modem_upd_via_msc() and it\ncannot block the input queue by waiting the response to come\ninto the same input queue.\n\nInstead allow sending Modem Status Command without waiting for remote\nend to respond. Define a new function gsm_modem_send_initial_msc()\nfor this purpose. As MSC is only valid for basic encoding, it does\nnot do anything for advanced or when convergence layer type 2 is used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40071",
"url": "https://www.suse.com/security/cve/CVE-2025-40071"
},
{
"category": "external",
"summary": "SUSE Bug 1252797 for CVE-2025-40071",
"url": "https://bugzilla.suse.com/1252797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40071"
},
{
"cve": "CVE-2025-40078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Explicitly check accesses to bpf_sock_addr\n\nSyzkaller found a kernel warning on the following sock_addr program:\n\n 0: r0 = 0\n 1: r2 = *(u32 *)(r1 +60)\n 2: exit\n\nwhich triggers:\n\n verifier bug: error during ctx access conversion (0)\n\nThis is happening because offset 60 in bpf_sock_addr corresponds to an\nimplicit padding of 4 bytes, right after msg_src_ip4. Access to this\npadding isn\u0027t rejected in sock_addr_is_valid_access and it thus later\nfails to convert the access.\n\nThis patch fixes it by explicitly checking the various fields of\nbpf_sock_addr in sock_addr_is_valid_access.\n\nI checked the other ctx structures and is_valid_access functions and\ndidn\u0027t find any other similar cases. Other cases of (properly handled)\npadding are covered in new tests in a subsequent patch.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40078",
"url": "https://www.suse.com/security/cve/CVE-2025-40078"
},
{
"category": "external",
"summary": "SUSE Bug 1252789 for CVE-2025-40078",
"url": "https://bugzilla.suse.com/1252789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40078"
},
{
"cve": "CVE-2025-40080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: restrict sockets to TCP and UDP\n\nRecently, syzbot started to abuse NBD with all kinds of sockets.\n\nCommit cf1b2326b734 (\"nbd: verify socket is supported during setup\")\nmade sure the socket supported a shutdown() method.\n\nExplicitely accept TCP and UNIX stream sockets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40080",
"url": "https://www.suse.com/security/cve/CVE-2025-40080"
},
{
"category": "external",
"summary": "SUSE Bug 1252774 for CVE-2025-40080",
"url": "https://bugzilla.suse.com/1252774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40080"
},
{
"cve": "CVE-2025-40082",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40082"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()\n\nBUG: KASAN: slab-out-of-bounds in hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186\nRead of size 2 at addr ffff8880289ef218 by task syz.6.248/14290\n\nCPU: 0 UID: 0 PID: 14290 Comm: syz.6.248 Not tainted 6.16.4 #1 PREEMPT(full)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0x116/0x1b0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xca/0x5f0 mm/kasan/report.c:482\n kasan_report+0xca/0x100 mm/kasan/report.c:595\n hfsplus_uni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186\n hfsplus_listxattr+0x5b6/0xbd0 fs/hfsplus/xattr.c:738\n vfs_listxattr+0xbe/0x140 fs/xattr.c:493\n listxattr+0xee/0x190 fs/xattr.c:924\n filename_listxattr fs/xattr.c:958 [inline]\n path_listxattrat+0x143/0x360 fs/xattr.c:988\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcb/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fe0e9fae16d\nCode: 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fe0eae67f98 EFLAGS: 00000246 ORIG_RAX: 00000000000000c3\nRAX: ffffffffffffffda RBX: 00007fe0ea205fa0 RCX: 00007fe0e9fae16d\nRDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000\nRBP: 00007fe0ea0480f0 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fe0ea206038 R14: 00007fe0ea205fa0 R15: 00007fe0eae48000\n \u003c/TASK\u003e\n\nAllocated by task 14290:\n kasan_save_stack+0x24/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:377 [inline]\n __kasan_kmalloc+0xaa/0xb0 mm/kasan/common.c:394\n kasan_kmalloc include/linux/kasan.h:260 [inline]\n __do_kmalloc_node mm/slub.c:4333 [inline]\n __kmalloc_noprof+0x219/0x540 mm/slub.c:4345\n kmalloc_noprof include/linux/slab.h:909 [inline]\n hfsplus_find_init+0x95/0x1f0 fs/hfsplus/bfind.c:21\n hfsplus_listxattr+0x331/0xbd0 fs/hfsplus/xattr.c:697\n vfs_listxattr+0xbe/0x140 fs/xattr.c:493\n listxattr+0xee/0x190 fs/xattr.c:924\n filename_listxattr fs/xattr.c:958 [inline]\n path_listxattrat+0x143/0x360 fs/xattr.c:988\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xcb/0x4c0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nWhen hfsplus_uni2asc is called from hfsplus_listxattr,\nit actually passes in a struct hfsplus_attr_unistr*.\nThe size of the corresponding structure is different from that of hfsplus_unistr,\nso the previous fix (94458781aee6) is insufficient.\nThe pointer on the unicode buffer is still going beyond the allocated memory.\n\nThis patch introduces two warpper functions hfsplus_uni2asc_xattr_str and\nhfsplus_uni2asc_str to process two unicode buffers,\nstruct hfsplus_attr_unistr* and struct hfsplus_unistr* respectively.\nWhen ustrlen value is bigger than the allocated memory size,\nthe ustrlen value is limited to an safe size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40082",
"url": "https://www.suse.com/security/cve/CVE-2025-40082"
},
{
"category": "external",
"summary": "SUSE Bug 1252775 for CVE-2025-40082",
"url": "https://bugzilla.suse.com/1252775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40082"
},
{
"cve": "CVE-2025-40085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40085"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix NULL pointer deference in try_to_register_card\n\nIn try_to_register_card(), the return value of usb_ifnum_to_if() is\npassed directly to usb_interface_claimed() without a NULL check, which\nwill lead to a NULL pointer dereference when creating an invalid\nUSB audio device. Fix this by adding a check to ensure the interface\npointer is valid before passing it to usb_interface_claimed().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40085",
"url": "https://www.suse.com/security/cve/CVE-2025-40085"
},
{
"category": "external",
"summary": "SUSE Bug 1252873 for CVE-2025-40085",
"url": "https://bugzilla.suse.com/1252873"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40085"
},
{
"cve": "CVE-2025-40087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40087"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Define a proc_layoutcommit for the FlexFiles layout type\n\nAvoid a crash if a pNFS client should happen to send a LAYOUTCOMMIT\noperation on a FlexFiles layout.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40087",
"url": "https://www.suse.com/security/cve/CVE-2025-40087"
},
{
"category": "external",
"summary": "SUSE Bug 1252909 for CVE-2025-40087",
"url": "https://bugzilla.suse.com/1252909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40087"
},
{
"cve": "CVE-2025-40088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40088"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: fix slab-out-of-bounds read in hfsplus_strcasecmp()\n\nThe hfsplus_strcasecmp() logic can trigger the issue:\n\n[ 117.317703][ T9855] ==================================================================\n[ 117.318353][ T9855] BUG: KASAN: slab-out-of-bounds in hfsplus_strcasecmp+0x1bc/0x490\n[ 117.318991][ T9855] Read of size 2 at addr ffff88802160f40c by task repro/9855\n[ 117.319577][ T9855]\n[ 117.319773][ T9855] CPU: 0 UID: 0 PID: 9855 Comm: repro Not tainted 6.17.0-rc6 #33 PREEMPT(full)\n[ 117.319780][ T9855] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 117.319783][ T9855] Call Trace:\n[ 117.319785][ T9855] \u003cTASK\u003e\n[ 117.319788][ T9855] dump_stack_lvl+0x1c1/0x2a0\n[ 117.319795][ T9855] ? __virt_addr_valid+0x1c8/0x5c0\n[ 117.319803][ T9855] ? __pfx_dump_stack_lvl+0x10/0x10\n[ 117.319808][ T9855] ? rcu_is_watching+0x15/0xb0\n[ 117.319816][ T9855] ? lock_release+0x4b/0x3e0\n[ 117.319821][ T9855] ? __kasan_check_byte+0x12/0x40\n[ 117.319828][ T9855] ? __virt_addr_valid+0x1c8/0x5c0\n[ 117.319835][ T9855] ? __virt_addr_valid+0x4a5/0x5c0\n[ 117.319842][ T9855] print_report+0x17e/0x7e0\n[ 117.319848][ T9855] ? __virt_addr_valid+0x1c8/0x5c0\n[ 117.319855][ T9855] ? __virt_addr_valid+0x4a5/0x5c0\n[ 117.319862][ T9855] ? __phys_addr+0xd3/0x180\n[ 117.319869][ T9855] ? hfsplus_strcasecmp+0x1bc/0x490\n[ 117.319876][ T9855] kasan_report+0x147/0x180\n[ 117.319882][ T9855] ? hfsplus_strcasecmp+0x1bc/0x490\n[ 117.319891][ T9855] hfsplus_strcasecmp+0x1bc/0x490\n[ 117.319900][ T9855] ? __pfx_hfsplus_cat_case_cmp_key+0x10/0x10\n[ 117.319906][ T9855] hfs_find_rec_by_key+0xa9/0x1e0\n[ 117.319913][ T9855] __hfsplus_brec_find+0x18e/0x470\n[ 117.319920][ T9855] ? __pfx_hfsplus_bnode_find+0x10/0x10\n[ 117.319926][ T9855] ? __pfx_hfs_find_rec_by_key+0x10/0x10\n[ 117.319933][ T9855] ? __pfx___hfsplus_brec_find+0x10/0x10\n[ 117.319942][ T9855] hfsplus_brec_find+0x28f/0x510\n[ 117.319949][ T9855] ? __pfx_hfs_find_rec_by_key+0x10/0x10\n[ 117.319956][ T9855] ? __pfx_hfsplus_brec_find+0x10/0x10\n[ 117.319963][ T9855] ? __kmalloc_noprof+0x2a9/0x510\n[ 117.319969][ T9855] ? hfsplus_find_init+0x8c/0x1d0\n[ 117.319976][ T9855] hfsplus_brec_read+0x2b/0x120\n[ 117.319983][ T9855] hfsplus_lookup+0x2aa/0x890\n[ 117.319990][ T9855] ? __pfx_hfsplus_lookup+0x10/0x10\n[ 117.320003][ T9855] ? d_alloc_parallel+0x2f0/0x15e0\n[ 117.320008][ T9855] ? __lock_acquire+0xaec/0xd80\n[ 117.320013][ T9855] ? __pfx_d_alloc_parallel+0x10/0x10\n[ 117.320019][ T9855] ? __raw_spin_lock_init+0x45/0x100\n[ 117.320026][ T9855] ? __init_waitqueue_head+0xa9/0x150\n[ 117.320034][ T9855] __lookup_slow+0x297/0x3d0\n[ 117.320039][ T9855] ? __pfx___lookup_slow+0x10/0x10\n[ 117.320045][ T9855] ? down_read+0x1ad/0x2e0\n[ 117.320055][ T9855] lookup_slow+0x53/0x70\n[ 117.320065][ T9855] walk_component+0x2f0/0x430\n[ 117.320073][ T9855] path_lookupat+0x169/0x440\n[ 117.320081][ T9855] filename_lookup+0x212/0x590\n[ 117.320089][ T9855] ? __pfx_filename_lookup+0x10/0x10\n[ 117.320098][ T9855] ? strncpy_from_user+0x150/0x290\n[ 117.320105][ T9855] ? getname_flags+0x1e5/0x540\n[ 117.320112][ T9855] user_path_at+0x3a/0x60\n[ 117.320117][ T9855] __x64_sys_umount+0xee/0x160\n[ 117.320123][ T9855] ? __pfx___x64_sys_umount+0x10/0x10\n[ 117.320129][ T9855] ? do_syscall_64+0xb7/0x3a0\n[ 117.320135][ T9855] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 117.320141][ T9855] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 117.320145][ T9855] do_syscall_64+0xf3/0x3a0\n[ 117.320150][ T9855] ? exc_page_fault+0x9f/0xf0\n[ 117.320154][ T9855] entry_SYSCALL_64_after_hwframe+0x77/0x7f\n[ 117.320158][ T9855] RIP: 0033:0x7f7dd7908b07\n[ 117.320163][ T9855] Code: 23 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 08\n[ 117.320167][ T9855] RSP: 002b:00007ffd5ebd9698 EFLAGS: 00000202 \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40088",
"url": "https://www.suse.com/security/cve/CVE-2025-40088"
},
{
"category": "external",
"summary": "SUSE Bug 1252904 for CVE-2025-40088",
"url": "https://bugzilla.suse.com/1252904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40088"
},
{
"cve": "CVE-2025-40096",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40096"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies\n\nWhen adding dependencies with drm_sched_job_add_dependency(), that\nfunction consumes the fence reference both on success and failure, so in\nthe latter case the dma_fence_put() on the error path (xarray failed to\nexpand) is a double free.\n\nInterestingly this bug appears to have been present ever since\ncommit ebd5f74255b9 (\"drm/sched: Add dependency tracking\"), since the code\nback then looked like this:\n\ndrm_sched_job_add_implicit_dependencies():\n...\n for (i = 0; i \u003c fence_count; i++) {\n ret = drm_sched_job_add_dependency(job, fences[i]);\n if (ret)\n break;\n }\n\n for (; i \u003c fence_count; i++)\n dma_fence_put(fences[i]);\n\nWhich means for the failing \u0027i\u0027 the dma_fence_put was already a double\nfree. Possibly there were no users at that time, or the test cases were\ninsufficient to hit it.\n\nThe bug was then only noticed and fixed after\ncommit 9c2ba265352a (\"drm/scheduler: use new iterator in drm_sched_job_add_implicit_dependencies v2\")\nlanded, with its fixup of\ncommit 4eaf02d6076c (\"drm/scheduler: fix drm_sched_job_add_implicit_dependencies\").\n\nAt that point it was a slightly different flavour of a double free, which\ncommit 963d0b356935 (\"drm/scheduler: fix drm_sched_job_add_implicit_dependencies harder\")\nnoticed and attempted to fix.\n\nBut it only moved the double free from happening inside the\ndrm_sched_job_add_dependency(), when releasing the reference not yet\nobtained, to the caller, when releasing the reference already released by\nthe former in the failure case.\n\nAs such it is not easy to identify the right target for the fixes tag so\nlets keep it simple and just continue the chain.\n\nWhile fixing we also improve the comment and explain the reason for taking\nthe reference and not dropping it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40096",
"url": "https://www.suse.com/security/cve/CVE-2025-40096"
},
{
"category": "external",
"summary": "SUSE Bug 1252902 for CVE-2025-40096",
"url": "https://bugzilla.suse.com/1252902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40096"
},
{
"cve": "CVE-2025-40100",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-40100"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: do not assert we found block group item when creating free space tree\n\nCurrently, when building a free space tree at populate_free_space_tree(),\nif we are not using the block group tree feature, we always expect to find\nblock group items (either extent items or a block group item with key type\nBTRFS_BLOCK_GROUP_ITEM_KEY) when we search the extent tree with\nbtrfs_search_slot_for_read(), so we assert that we found an item. However\nthis expectation is wrong since we can have a new block group created in\nthe current transaction which is still empty and for which we still have\nnot added the block group\u0027s item to the extent tree, in which case we do\nnot have any items in the extent tree associated to the block group.\n\nThe insertion of a new block group\u0027s block group item in the extent tree\nhappens at btrfs_create_pending_block_groups() when it calls the helper\ninsert_block_group_item(). This typically is done when a transaction\nhandle is released, committed or when running delayed refs (either as\npart of a transaction commit or when serving tickets for space reservation\nif we are low on free space).\n\nSo remove the assertion at populate_free_space_tree() even when the block\ngroup tree feature is not enabled and update the comment to mention this\ncase.\n\nSyzbot reported this with the following stack trace:\n\n BTRFS info (device loop3 state M): rebuilding free space tree\n assertion failed: ret == 0 :: 0, in fs/btrfs/free-space-tree.c:1115\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/free-space-tree.c:1115!\n Oops: invalid opcode: 0000 [#1] SMP KASAN PTI\n CPU: 1 UID: 0 PID: 6352 Comm: syz.3.25 Not tainted syzkaller #0 PREEMPT(full)\n Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025\n RIP: 0010:populate_free_space_tree+0x700/0x710 fs/btrfs/free-space-tree.c:1115\n Code: ff ff e8 d3 (...)\n RSP: 0018:ffffc9000430f780 EFLAGS: 00010246\n RAX: 0000000000000043 RBX: ffff88805b709630 RCX: fea61d0e2e79d000\n RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000\n RBP: ffffc9000430f8b0 R08: ffffc9000430f4a7 R09: 1ffff92000861e94\n R10: dffffc0000000000 R11: fffff52000861e95 R12: 0000000000000001\n R13: 1ffff92000861f00 R14: dffffc0000000000 R15: 0000000000000000\n FS: 00007f424d9fe6c0(0000) GS:ffff888125afc000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fd78ad212c0 CR3: 0000000076d68000 CR4: 00000000003526f0\n Call Trace:\n \u003cTASK\u003e\n btrfs_rebuild_free_space_tree+0x1ba/0x6d0 fs/btrfs/free-space-tree.c:1364\n btrfs_start_pre_rw_mount+0x128f/0x1bf0 fs/btrfs/disk-io.c:3062\n btrfs_remount_rw fs/btrfs/super.c:1334 [inline]\n btrfs_reconfigure+0xaed/0x2160 fs/btrfs/super.c:1559\n reconfigure_super+0x227/0x890 fs/super.c:1076\n do_remount fs/namespace.c:3279 [inline]\n path_mount+0xd1a/0xfe0 fs/namespace.c:4027\n do_mount fs/namespace.c:4048 [inline]\n __do_sys_mount fs/namespace.c:4236 [inline]\n __se_sys_mount+0x313/0x410 fs/namespace.c:4213\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xfa/0xfa0 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7f424e39066a\n Code: d8 64 89 02 (...)\n RSP: 002b:00007f424d9fde68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5\n RAX: ffffffffffffffda RBX: 00007f424d9fdef0 RCX: 00007f424e39066a\n RDX: 0000200000000180 RSI: 0000200000000380 RDI: 0000000000000000\n RBP: 0000200000000180 R08: 00007f424d9fdef0 R09: 0000000000000020\n R10: 0000000000000020 R11: 0000000000000246 R12: 0000200000000380\n R13: 00007f424d9fdeb0 R14: 0000000000000000 R15: 00002000000002c0\n \u003c/TASK\u003e\n Modules linked in:\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-40100",
"url": "https://www.suse.com/security/cve/CVE-2025-40100"
},
{
"category": "external",
"summary": "SUSE Bug 1252918 for CVE-2025-40100",
"url": "https://bugzilla.suse.com/1252918"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.55.1.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.55.1.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.55.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-18T13:51:55Z",
"details": "moderate"
}
],
"title": "CVE-2025-40100"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…